|
Oracle Fusion Middleware Java API for Oracle WebLogic Portal 10g Release 3 (10.3.2) E14255-01 |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object
com.bea.p13n.entitlements.Authorization
public class Authorization
The Authorization class provides runtime methods for security policy checks. The runtime authorization checks utilize the SecurityServiceManager to retrieve the RoleManager and AuthorizationManager. These managers perform runtime checks against all configured Authorization and RoleMapping providers while determining applicable roles and policies.
Constructor Summary | |
---|---|
Authorization() |
Method Summary | |
---|---|
static Map |
getRoles(P13nResource aResource) Evaluates and returns the role names for which the current user evaluates truely. |
static Map |
getRoles(P13nResource aResource, P13nContextHandler aRequestContext) Evaluates and returns the role names for which the current user evaluates truely. |
static boolean |
isAccessAllowed(P13nResource aResource) Evaluates whether access is allowed to an application resource. |
static boolean |
isAccessAllowed(P13nResource aResource, boolean inheritSecurityPolicies) Evaluates whether access is allowed to an application resource. |
static boolean |
isAccessAllowed(P13nResource aResource, P13nContextHandler aRequestContext) Evaluates whether access is allowed to an application resource. |
static boolean |
isAccessAllowed(P13nResource aResource, P13nContextHandler aRequestContext, boolean inheritSecurityPolicies) Evaluates whether access is allowed to an application resource. |
static boolean |
isAccessAllowed(P13nResource aResource, P13nContextHandler aRequestContext, boolean inheritSecurityPolicies, Map roles) Evaluates whether access is allowed to an application resource for the given roles. |
static boolean |
isAccessAllowed(P13nResource aResource, P13nContextHandler aRequestContext, Map roles) Evaluates whether access is allowed to an application resource. |
static boolean |
isAccessAllowed(Subject aSubject, P13nResource aResource, P13nContextHandler aRequestContext) Evaluates whether access is allowed to an application resource. |
static boolean |
isAccessAllowed(Subject aSubject, P13nResource aResource, P13nContextHandler aRequestContext, boolean inheritSecurityPolicies) Evaluates whether access is allowed to an application resource. |
static boolean |
isAccessAllowed(Subject aSubject, P13nResource aResource, P13nContextHandler aRequestContext, boolean inheritSecurityPolicies, Map roles) Evaluates whether access is allowed to an application resource. |
static boolean |
isAccessAllowed(Subject aSubject, P13nResource aResource, P13nContextHandler aRequestContext, Map roles) Evaluates whether access is allowed to an application resource for the given roles. |
static boolean |
isProtectedResource(P13nResource aResource) Evaluates whether the given resource is protected by a security policy. |
static boolean |
isUserInRole(String aRoleName, Map aRoleMap) Evaluates whether the current user is in a given precomputed Map of role names. |
static boolean |
isUserInRole(String aRoleName, P13nResource aResource, P13nContextHandler aRequestContext) Evaluates whether the current user is in a give role |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public Authorization()
Method Detail |
---|
public static Map getRoles(P13nResource aResource, P13nContextHandler aRequestContext)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.public static Map getRoles(P13nResource aResource)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.public static boolean isAccessAllowed(P13nResource aResource)
P13nContextHandler
will be retrieved internally in this method.aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.public static boolean isAccessAllowed(P13nResource aResource, P13nContextHandler aRequestContext)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.public static boolean isAccessAllowed(Subject aSubject, P13nResource aResource, P13nContextHandler aRequestContext, boolean inheritSecurityPolicies)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aSubject
- The optional subject to check access for. If not provided, current subject on request will be used.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.inheritSecurityPolicies
- A flag indicating whether all scoped security policies should be checked (true) or whether a normal access check (first available policy) should be done (false).public static boolean isAccessAllowed(P13nResource aResource, boolean inheritSecurityPolicies)
P13nContextHandler
will be retrieved internally in this method.aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.inheritSecurityPolicies
- A flag indicating whether all scoped security policies should be checked (true) or whether a normal access check (first available policy) should be done (false).public static boolean isAccessAllowed(P13nResource aResource, P13nContextHandler aRequestContext, boolean inheritSecurityPolicies)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.inheritSecurityPolicies
- A flag indicating whether all scoped security policies should be checked (true) or whether a normal access check (first available policy) should be done (false).public static boolean isAccessAllowed(Subject aSubject, P13nResource aResource, P13nContextHandler aRequestContext)
aSubject
- The Subject to consider access for.aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.public static boolean isAccessAllowed(Subject aSubject, P13nResource aResource, P13nContextHandler aRequestContext, Map roles)
aSubject
- The Subject to consider access for.aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.roles
- A Map of role name strings for which the policies are to be evaluated.public static boolean isAccessAllowed(P13nResource aResource, P13nContextHandler aRequestContext, boolean inheritSecurityPolicies, Map roles)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.inheritSecurityPolicies
- A flag indicating whether all scoped security policies should be checked (true) or whether a normal access check (first available policy) should be done (false).roles
- A Map of role name strings for which the policies are to be evaluated.public static boolean isAccessAllowed(P13nResource aResource, P13nContextHandler aRequestContext, Map roles)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.roles
- A map of role name strings for which the policies are to be evaluated.public static boolean isAccessAllowed(Subject aSubject, P13nResource aResource, P13nContextHandler aRequestContext, boolean inheritSecurityPolicies, Map roles)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aSubject
- The optional subject to check access for. If not provided, current subject on request will be used.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.inheritSecurityPolicies
- A flag indicating whether all scoped security policies should be checked (true) or whether a normal access check (first available policy) should be done (false).roles
- List of rolespublic static boolean isUserInRole(String aRoleName, P13nResource aResource, P13nContextHandler aRequestContext)
aRoleName
- The requested role name.aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.aRequestContext
- The optional input object containing supplemental information for role mappping and authorization providers. Must be valid if any role policies are dependent on a custom predicate for their evaluation. If potential roles contain an ExpressionPredicate, aRequestContext must contain an EntitlementRequest.public static boolean isUserInRole(String aRoleName, Map aRoleMap)
aRoleName
- The requested role name.aRoleMap
- A Map of roles as computed by the getRoles() method.public static boolean isProtectedResource(P13nResource aResource)
aResource
- An instance of a P13n resource from the com.bea.p13n.entitlements.resource package. This object identifies the resource for which scoped roles will drawn from.
|
Oracle Fusion Middleware Java API for Oracle WebLogic Portal 10g Release 3 (10.3.2) E14255-01 |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Copyright © 2010, Oracle. All rights reserved.