org.forgerock.openam.rest.authz

Class STSPublishServiceAuthzModule

java.lang.Object

org.forgerock.openam.rest.authz.SSOTokenAuthzModule

org.forgerock.openam.rest.authz.AdminOnlyAuthzModule

org.forgerock.openam.rest.authz.STSPublishServiceAuthzModule

All Implemented Interfaces:

org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

public class STSPublishServiceAuthzModule
extends AdminOnlyAuthzModule

This is an authz module specific for the STS publish service. It will allow admins and soap sts agents to read state corresponding to published sts instances, and allow admins to create, delete, and update new sts instances.

Field Summary

Fields

Modifier and Type	Field and Description
static String	NAME

Fields inherited from class org.forgerock.openam.rest.authz.SSOTokenAuthzModule

debug, moduleName

Constructor Summary

Constructors

Constructor and Description
STSPublishServiceAuthzModule(Config<SessionService> sessionService, AgentIdentity agentIdentity, Debug debug)

Method Summary

Modifier and Type	Method and Description
org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException>	authorizeAction(org.forgerock.services.context.Context context, org.forgerock.json.resource.ActionRequest request)
org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException>	authorizeCreate(org.forgerock.services.context.Context context, org.forgerock.json.resource.CreateRequest request)
org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException>	authorizeDelete(org.forgerock.services.context.Context context, org.forgerock.json.resource.DeleteRequest request)
org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException>	authorizePatch(org.forgerock.services.context.Context context, org.forgerock.json.resource.PatchRequest request)
org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException>	authorizeQuery(org.forgerock.services.context.Context context, org.forgerock.json.resource.QueryRequest request)
org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException>	authorizeRead(org.forgerock.services.context.Context context, org.forgerock.json.resource.ReadRequest request)
org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException>	authorizeUpdate(org.forgerock.services.context.Context context, org.forgerock.json.resource.UpdateRequest request)
String	getName()

Methods inherited from class org.forgerock.openam.rest.authz.AdminOnlyAuthzModule

getUserId, isSuperUser, validateToken

Methods inherited from class org.forgerock.openam.rest.authz.SSOTokenAuthzModule

authorize

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

NAME

public static final String NAME

See Also:

Constant Field Values

Constructor Detail

STSPublishServiceAuthzModule

@Inject
public STSPublishServiceAuthzModule(Config<SessionService> sessionService,
                                            AgentIdentity agentIdentity,
                                            @Named(value="frRest")
                                            Debug debug)

Method Detail

getName

public String getName()

Specified by:

getName in interface org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

Overrides:

getName in class AdminOnlyAuthzModule

authorizeCreate

public org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException> authorizeCreate(org.forgerock.services.context.Context context,
                                                                                                                                                            org.forgerock.json.resource.CreateRequest request)

Specified by:

authorizeCreate in interface org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

Overrides:

authorizeCreate in class SSOTokenAuthzModule

authorizeRead

public org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException> authorizeRead(org.forgerock.services.context.Context context,
                                                                                                                                                          org.forgerock.json.resource.ReadRequest request)

Specified by:

authorizeRead in interface org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

Overrides:

authorizeRead in class SSOTokenAuthzModule

authorizeUpdate

public org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException> authorizeUpdate(org.forgerock.services.context.Context context,
                                                                                                                                                            org.forgerock.json.resource.UpdateRequest request)

Specified by:

authorizeUpdate in interface org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

Overrides:

authorizeUpdate in class SSOTokenAuthzModule

authorizeDelete

public org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException> authorizeDelete(org.forgerock.services.context.Context context,
                                                                                                                                                            org.forgerock.json.resource.DeleteRequest request)

Specified by:

authorizeDelete in interface org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

Overrides:

authorizeDelete in class SSOTokenAuthzModule

authorizePatch

public org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException> authorizePatch(org.forgerock.services.context.Context context,
                                                                                                                                                           org.forgerock.json.resource.PatchRequest request)

Specified by:

authorizePatch in interface org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

Overrides:

authorizePatch in class SSOTokenAuthzModule

authorizeAction

public org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException> authorizeAction(org.forgerock.services.context.Context context,
                                                                                                                                                            org.forgerock.json.resource.ActionRequest request)

Specified by:

authorizeAction in interface org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

Overrides:

authorizeAction in class SSOTokenAuthzModule

authorizeQuery

public org.forgerock.util.promise.Promise<org.forgerock.authz.filter.api.AuthorizationResult,org.forgerock.json.resource.ResourceException> authorizeQuery(org.forgerock.services.context.Context context,
                                                                                                                                                           org.forgerock.json.resource.QueryRequest request)

Specified by:

authorizeQuery in interface org.forgerock.authz.filter.crest.api.CrestAuthorizationModule

Overrides:

authorizeQuery in class SSOTokenAuthzModule