
Oracle Communications Converged Application Server Java API Reference
5.1

E36938-01


com.oracle.sft.api
Interface RestAuthorizationAdapter


public interface RestAuthorizationAdapter

When you provide a customized security policy Java class to the REST API module, the class must implement this interface.

To set the REST API security policy, use the ServiceAttributes annotation. For example, @ServiceAttributes(restAuthorizationAdapter="com.example.MyPolicy") means that the customized security policy Java class is "com.example.MyPolicy". The class MyPolicy must implement RestAuthorizationAdapter.

There are also two pre-defined policies, named PRINCIPAL_MATCHING and WITH_PRINCIPAL.
WITH_PRINCIPAL: all invokers with a principal can call all REST APIs.
PRINCIPAL_MATCHING: when the target communication exists, a REST API can be called if the invoker is one of the participants of the target communication. When the target communication doesn't exist, a REST API can be called if the invoker will be one of the participants of the communication being created.

To use either of these pre-defined policies, use the ServiceAttributes annotation. For example, @ServiceAttributes(restAuthorizationAdapter="PRINCIPAL_MATCHING") means that the PRINCIPAL_MATCHING pre-defined policy is used.


Nested Class Summary
static class RestAuthorizationAdapter.HTTPMethod
          The HTTP method used by REST APIs.

 

Method Summary
<C extends Communication>
boolean
authorize(Principal principal, RestAuthorizationAdapter.HTTPMethod method, URI uri, Class<C> communicationClass, RestAuthorizeData data)
           Determines whether the authentication id with the given role and principal is allowed to call the specific REST API.

 

Method Detail

authorize

<C extends Communication> boolean authorize(Principal principal,
                                            RestAuthorizationAdapter.HTTPMethod method,
                                            URI uri,
                                            Class<C> communicationClass,
                                            RestAuthorizeData data)

Determines whether the authentication id with the given role and principal is allowed to call the specific REST API.

If a CommunicationService instance is needed, for example to get a Communication instance by its id, use the ServiceLocator API. To use it, set "allowModules" in the ServiceAttributes annotation of the SFT application, for example:

 @ServiceAttributes(restAuthorizationAdapter="com.oracle.sft.test.bean.MyPolicy", allowedModules="*")
 
Then get the CommunicationService instance through the ServiceLocator API, as shown below.
 ServiceLocator locator = ServiceLocator.get();
 CommunicationService cs = locator.getService();
 
Parameters:
principal - the name that represents the user calling the REST API
method - The HTTP method of the REST API
uri - The full URI of the REST API
data - The input data for calling the REST API
Returns:
true if authorization is allowed; false otherwise
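
A sketch of a customized policy class that denies by default, added here as an example and not taken from the Oracle documentation or product code. It assumes that Principal is java.security.Principal, that URI is java.net.URI, and that Communication and RestAuthorizeData are in com.oracle.sft.api; the allow-list entries and the "/sft/" path prefix are hypothetical values.

```java
package com.example;

import java.net.URI;
import java.security.Principal;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

// Assumption: these two types share the package of RestAuthorizationAdapter.
import com.oracle.sft.api.Communication;
import com.oracle.sft.api.RestAuthorizationAdapter;
import com.oracle.sft.api.RestAuthorizeData;

/** Deny-by-default policy: only listed principals, only under one URI prefix. */
public class MyPolicy implements RestAuthorizationAdapter {

    // Hypothetical values for illustration; load them from configuration in practice.
    private static final Set<String> ALLOWED = Collections.unmodifiableSet(
            new HashSet<String>(Arrays.asList("alice@example.com", "bob@example.com")));
    private static final String REQUIRED_PREFIX = "/sft/";

    // method, communicationClass and data are ignored: this policy decides
    // on the caller's identity and the requested path only.
    @Override
    public <C extends Communication> boolean authorize(Principal principal,
            RestAuthorizationAdapter.HTTPMethod method, URI uri,
            Class<C> communicationClass, RestAuthorizeData data) {
        try {
            return principal != null && isAllowed(principal.getName(), uri);
        } catch (RuntimeException e) {
            return false; // fail closed: an error in the policy must not grant access
        }
    }

    /** Pure decision logic, kept free of SFT types so it can be unit-tested. */
    static boolean isAllowed(String name, URI uri) {
        if (name == null || uri == null || !ALLOWED.contains(name)) {
            return false;
        }
        // Normalize first so "/sft/../admin" cannot satisfy the prefix check.
        String path = uri.normalize().getPath();
        // getPath() decodes escapes, so "%2e%2e" shows up here as ".."; reject it.
        return path != null && path.startsWith(REQUIRED_PREFIX) && !path.contains("..");
    }
}
```

The class is selected with @ServiceAttributes(restAuthorizationAdapter="com.example.MyPolicy"), as described at the top of this page.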

Copyright © 2012 Oracle Corporation. All Rights Reserved.