org.glassfish.security.services.provider.authorization

Class SimpleAuthorizationProviderImpl

java.lang.Object

org.glassfish.security.services.provider.authorization.SimpleAuthorizationProviderImpl

All Implemented Interfaces:

AuthorizationProvider, SecurityProvider

@Service(name="simpleAuthorization")
@PerLookup
public class SimpleAuthorizationProviderImpl
extends Object
implements AuthorizationProvider

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
protected class	SimpleAuthorizationProviderImpl.Decider Chooses what authorization decision to render.

Field Summary

Fields

Modifier and Type	Field and Description
protected static Logger	_logger

Constructor Summary

Constructors

Constructor and Description
SimpleAuthorizationProviderImpl()

Method Summary

Methods

Modifier and Type	Method and Description
protected SimpleAuthorizationProviderImpl.Decider	createDecider()
AuthorizationService.PolicyDeploymentContext	findOrCreateDeploymentContext(String appContext) Finds an existing PolicyDeploymentContext, or create a new one if one does not already exist for the specified appContext.
AzResult	getAuthorizationDecision(AzSubject subject, AzResource resource, AzAction action, AzEnvironment environment, List<AzAttributeResolver> attributeResolvers) Evaluates the specified subject, resource, action, and environment against the body of policy managed by this provider and returns an access control result.
void	initialize(SecurityProvider providerConfig) Initialize the security provider instance with the specific security provider configuration.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

_logger

protected static final Logger _logger

Constructor Detail

SimpleAuthorizationProviderImpl

public SimpleAuthorizationProviderImpl()

Method Detail

initialize

public void initialize(SecurityProvider providerConfig)

Description copied from interface: SecurityProvider

Initialize the security provider instance with the specific security provider configuration.

Specified by:

initialize in interface SecurityProvider

createDecider

protected SimpleAuthorizationProviderImpl.Decider createDecider()

getAuthorizationDecision

public AzResult getAuthorizationDecision(AzSubject subject,
                                AzResource resource,
                                AzAction action,
                                AzEnvironment environment,
                                List<AzAttributeResolver> attributeResolvers)

Description copied from interface: AuthorizationProvider

Evaluates the specified subject, resource, action, and environment against the body of policy managed by this provider and returns an access control result.

Specified by:

getAuthorizationDecision in interface AuthorizationProvider

Parameters:

subject - The attributes collection representing the Subject for which an authorization decision is requested.

resource - The attributes collection representing the resource for which access is being requested.

action - The attributes collection representing the action, with respect to the resource, for which access is being requested. A null action is interpreted as all actions, however all actions may also be represented by the AzAction instance. See AzAction.

environment - The attributes collection representing the environment, or context, in which the access decision is being requested, null if none.

attributeResolvers - The ordered list of attribute resolvers, for run time determination of missing attributes, null if none.

Returns:

The AzResult indicating the result of the access decision.

See Also:

AuthorizationService.getAuthorizationDecision(org.glassfish.security.services.api.authorization.AzSubject, org.glassfish.security.services.api.authorization.AzResource, org.glassfish.security.services.api.authorization.AzAction)

findOrCreateDeploymentContext

public AuthorizationService.PolicyDeploymentContext findOrCreateDeploymentContext(String appContext)

Description copied from interface: AuthorizationProvider

Finds an existing PolicyDeploymentContext, or create a new one if one does not already exist for the specified appContext. The context will be returned in an "open" state, and will stay that way until commit() or delete() is called.

Specified by:

findOrCreateDeploymentContext in interface AuthorizationProvider

Parameters:

appContext - The application context for which the PolicyDeploymentContext is desired.

Returns:

The resulting PolicyDeploymentContext, null if this provider does not support this feature.

See Also:

AuthorizationService.findOrCreateDeploymentContext(String)