Authorizer (WildFly: Controller Core 18.0.3.Final API)

All Known Subinterfaces:

CustomAuthorizer, JmxAuthorizer

All Known Implementing Classes:

DelegatingConfigurableAuthorizer, ManagementPermissionAuthorizer, StandardRBACAuthorizer
```
public interface Authorizer
```
Interface exposed by the enforcement point in a WildFly access control system.

Author:

Brian Stansberry (c) 2013 Red Hat Inc.

Nested Class Summary

Nested Classes
Modifier and Type Interface and Description

static interface Authorizer.AuthorizerDescription
Description of standard information about the custom authorizer.

Nested Classes
Modifier and Type	Interface and Description
`static interface`	`Authorizer.AuthorizerDescription` Description of standard information about the custom authorizer.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`AuthorizationResult`	`authorize(org.wildfly.security.auth.server.SecurityIdentity identity, Environment callEnvironment, Action action, TargetAttribute target)` Authorize a management operation affecting an individual attribute.
`AuthorizationResult`	`authorize(org.wildfly.security.auth.server.SecurityIdentity identity, Environment callEnvironment, Action action, TargetResource target)` Authorize a management operation affecting an entire resource.
`AuthorizationResult`	`authorizeJmxOperation(org.wildfly.security.auth.server.SecurityIdentity identity, Environment callEnvironment, JmxAction action, JmxTarget target)` Authorize a JMX operation.
`Set<String>`	`getCallerRoles(org.wildfly.security.auth.server.SecurityIdentity identity, Environment callEnvironment, Set<String> runAsRoles)` Gets the set of roles the caller can run as taking into account any requested 'run as' roles.
`Authorizer.AuthorizerDescription`	`getDescription()` Gets a description of the characteristics of this authorizer

- Method Detail
  - getDescription
```
Authorizer.AuthorizerDescription getDescription()
```
    Gets a description of the characteristics of this authorizer
    
    Returns:
    
    the description. Cannot be null
  - authorize
```
AuthorizationResult authorize(org.wildfly.security.auth.server.SecurityIdentity identity,
                              Environment callEnvironment,
                              Action action,
                              TargetAttribute target)
```
    Authorize a management operation affecting an individual attribute.
    
    Parameters:
    
    identity - the caller identity. Cannot be null
    
    callEnvironment - the call environment. Cannot be null
    
    action - the action being authorized. Cannot be null
    
    target - the target of the action. Cannot be null
    
    Returns:
    
    the authorization result. Will not be null
  - authorize
```
AuthorizationResult authorize(org.wildfly.security.auth.server.SecurityIdentity identity,
                              Environment callEnvironment,
                              Action action,
                              TargetResource target)
```
    Authorize a management operation affecting an entire resource.
    
    Parameters:
    
    identity - the identity. Cannot be null
    
    callEnvironment - the call environment. Cannot be null
    
    action - the action being authorized. Cannot be null
    
    target - the target of the action. Cannot be null
    
    Returns:
    
    the authorization result. Will not be null
  - authorizeJmxOperation
```
AuthorizationResult authorizeJmxOperation(org.wildfly.security.auth.server.SecurityIdentity identity,
                                          Environment callEnvironment,
                                          JmxAction action,
                                          JmxTarget target)
```
    Authorize a JMX operation. This operation should NOT be called for the management facade MBeans
    
    Parameters:
    
    identity - the caller identity. Cannot be null
    
    callEnvironment - the call environment. Cannot be null
    
    action - the action being authorized. Cannot be null
    
    target - the target of the action. Cannot be null
    
    Returns:
    
    the authorization result. Will not be null
  - getCallerRoles
```
Set<String> getCallerRoles(org.wildfly.security.auth.server.SecurityIdentity identity,
                           Environment callEnvironment,
                           Set<String> runAsRoles)
```
    Gets the set of roles the caller can run as taking into account any requested 'run as' roles.
    
    Parameters:
    
    identity - the caller identity. Cannot be null
    
    callEnvironment - the call environment. Cannot be null
    
    runAsRoles - any requested 'run as' roles. May be null
    
    Returns:
    
    The set of roles assigned to the caller; an empty set will be returned if no roles are assigned or null will be returned if the access control provider does not support role mapping.

Interface Authorizer

Nested Class Summary

Method Summary

Method Detail

getDescription

authorize

authorize

authorizeJmxOperation

getCallerRoles