Skip navigation links

oracle.search.sdk.security
Interface AuthorizationManager

public interface AuthorizationManager

An interface to manage authorization plug-ins for extensible authorization. This manager may provide a query filter plug-in, a result filter plug-in, or both.

See Also:

QueryFilterPlugin, ResultFilterPlugin, IdentityPlugin

Field Summary

static String	ANONYMOUS_USER
static String	VERSION

Method Summary

boolean	areAttributesSufficient(SecurityAttributeInfo[] attributes) Returns true if this authorization plug-in supports all of the security attributes exposed by the crawler plug-in, and if these are sufficient to determine authorization.
String	getBaseAPIVersion() Returns the version string of the plug-in API.
String	getPluginDescription() Returns the description of the authorization manager plug-in.
String	getPluginName() Returns the name of the authorization manager plug-in.
List	getPluginParameters() Returns a list of parameter objects for the authorization manager plug-in.
String	getPluginVersion() Returns the version string of the authorization manager plug-in.
QueryFilterPlugin	getQueryFilterPlugin(String username, ServletRequest req) Returns an instance of QueryFilterPlugin.
ResultFilterPlugin	getResultFilterPlugin() Returns an instance of ResultFilterPlugin.
void	init(ParameterValues params, IdentityPluginManager identityPluginManager, Logger logger) Initializes the authorization manager plug-in with parameter values provided in the administration tool.
boolean	isQueryFilterAvailable() Returns true if this manager provides a QueryFilterPlugin.
boolean	isResultFilterAvailable() Returns true if this manager provides a ResultFilterPlugin.
boolean	validateParams(ParameterValues params) Validates the parameter values that will later be used by the administration tool, crawler, or query application to call init.

Field Detail

VERSION

static final String VERSION

See Also:

Constant Field Values

ANONYMOUS_USER

static final String ANONYMOUS_USER

See Also:

Constant Field Values

Method Detail

getBaseAPIVersion

String getBaseAPIVersion()

Returns the version string of the plug-in API. This method should always return AuthorizationManager.VERSION.

Returns:

the plug-in API version string

getPluginName

String getPluginName()

Returns the name of the authorization manager plug-in.

Returns:

name of the plug-in

getPluginDescription

String getPluginDescription()

Returns the description of the authorization manager plug-in.

Returns:

description of the plug-in

getPluginVersion

String getPluginVersion()

Returns the version string of the authorization manager plug-in.

Returns:

version of the plug-in

getPluginParameters

List getPluginParameters()

Returns a list of parameter objects for the authorization manager plug-in. The administration tool uses this list to collect values for each parameter, and those values are used to call init.

Returns:

list of ParameterInfo objects

validateParams

boolean validateParams(ParameterValues params)
                       throws PluginException

Validates the parameter values that will later be used by the administration tool, crawler, or query application to call init. This method is called when the plug-in is configured in the administration tool.

Parameters:

params - the parameter values

Returns:

true if the parameters are valid, false otherwise

Throws:

PluginException - if an error occurs

init

void init(ParameterValues params,
          IdentityPluginManager identityPluginManager,
          Logger logger)
          throws PluginException

Initializes the authorization manager plug-in with parameter values provided in the administration tool.

This method will only be called with parameters which have been approved by a prior call to validateParams. However, the prior call to validateParams may have been made on a different object (of this class).

The identity plug-in manager may be used to get instances of IdentityPlugin to perform group lookups or other identity attribute operations. This AuthorizationManager is responsible for calling close on any IdentityPlugin instances once finished.

Note: This method may not be called on every instance of this interface, and it is only guaranteed to be invoked before a call to either getQueryFilterPlugin or getResultFilterPlugin. As a result, the Logger object may not always be available.

Parameters:

params - the parameter values

identityPluginManager - null if no identity plug-in has been activated in the administration tool. Otherwise, an active identity plug-in manager. This identity plug-in manager will have already been initialized itself before being passed in as an argument.

logger - logger object

Throws:

PluginException - if an error occurs

See Also:

IdentityPlugin

isQueryFilterAvailable

boolean isQueryFilterAvailable()

Returns true if this manager provides a QueryFilterPlugin.

isResultFilterAvailable

boolean isResultFilterAvailable()

Returns true if this manager provides a ResultFilterPlugin.

areAttributesSufficient

boolean areAttributesSufficient(SecurityAttributeInfo[] attributes)

Returns true if this authorization plug-in supports all of the security attributes exposed by the crawler plug-in, and if these are sufficient to determine authorization. If this authorization manager does not provide a query filter plug-in, then this method will not be called.

Parameters:

attributes - the security attributes

Returns:

true if the attributes are sufficient, false otherwise

getQueryFilterPlugin

QueryFilterPlugin getQueryFilterPlugin(String username,
                                       ServletRequest req)

Returns an instance of QueryFilterPlugin. As a precondition, this object will have been initialized with a call to init.

Parameters:

username - the username

req - the servlet request

Returns:

an instance of QueryFilterPlugin

getResultFilterPlugin

ResultFilterPlugin getResultFilterPlugin()

Returns an instance of ResultFilterPlugin. As a precondition, this object will have been initialized with a call to init.

Returns:

an instance of ResultFilterPlugin

Skip navigation links