weblogic.security.spi
Interface AdjudicatorV2
- public interface AdjudicatorV2
The AdjudicatorV2
interface defines the security
service provider interface (SSPI) for an object that is responsible
for making the final decision as to whether the processing of the
requested method should be permitted to proceed or should be
denied.
An implementation of the AdjudicatorV2/code> interface is the
part of an Adjudication provider that is called after all the
Access Decisions' isAccessAllowed
methods have been
called and returned successfully (that is, without throwing
exceptions).
An implementation of the AdjudicatorV2/code> interface is a
singleton object that exists once per realm/JVM (which is part of a
security policy domain).
- Author:
- Copyright © 2004-2008, Oracle and/or its affiliates. All rights reserved.
Method Summary
|
boolean |
adjudicate(Result[] results,
Resource resource,
ContextHandler handler)
Determines the final adjudication from a set of decisions
rendered by Access Decisions, provided they are
acting as policy decision points (PDPs). |
void |
initialize(weblogic.management.security.authorization.AuthorizerMBean[] accessDecisionMBeans)
Initializes the names of the Access Decisions so that they do not
require computation on every isAccessAllowed call
that the Authorization Manager (part of the WebLogic Security
Framework) makes. |
initialize
public void initialize(weblogic.management.security.authorization.AuthorizerMBean[] accessDecisionMBeans)
- Initializes the names of the Access Decisions so that they do not
require computation on every
isAccessAllowed
call
that the Authorization Manager (part of the WebLogic Security
Framework) makes.
- Parameters:
accessDecisionClassNames
- an array of String objects
containing the list of Access Decisions. The order of this list
will match the order of the array of int
results
sent into the adjudicate
call.
adjudicate
public boolean adjudicate(Result[] results,
Resource resource,
ContextHandler handler)
- Determines the final adjudication from a set of decisions
rendered by Access Decisions, provided they are
acting as policy decision points (PDPs).
- Parameters:
results
- a Result
array returned from the
Authorization Manager, containing the result of each Access
Decision. Note that the the order of results is the same as the
order of Access Decision class names that were passed in on the
initialize
method of this interface.- Returns:
- a boolean value indicating whether the decision n is to
permit or deny. A value of
TRUE
* indicates that the
decision is to permit; a value * of FALSE
indicates
that the decision is * to deny.