Authorizer (OpenSSO Public API)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.sun.identity.liberty.ws.interfaces
Interface Authorizer

public interface Authorizer

This class Authorizer is an interface for identity service to check authorization of a WSC.

Field Summary
`static String`	`AUTH_TYPE` Key of a parameter Map which contains information useful for policy evaluation.
`static String`	`MESSAGE` Key of a parameter Map which contains information useful for policy evaluation.
`static String`	`USER_ID` Key of a parameter Map which contains information useful for policy evaluation.

Method Summary
`Object`	`getAuthorizationDecision(Object credential, String action, Object data, Map env)` Returns authorization decision for the given action(query or modify) and to the given select data
`boolean`	`isAuthorized(Object credential, String action, Object data, Map env)` Checks if the `WSC` is authorized to query or modify the select data.

Field Detail

USER_ID

static final String USER_ID

Key of a parameter Map which contains information useful for policy evaluation. The value of this key is id of the user whose resource id being accessed.

See Also:: Constant Field Values

AUTH_TYPE

static final String AUTH_TYPE

Key of a parameter Map which contains information useful for policy evaluation. The value of this key is the authentication mechanism web service consumer used.

See Also:: Constant Field Values

MESSAGE

static final String MESSAGE

Key of a parameter Map which contains information useful for policy evaluation. The value of this key is com.sun.identity.liberty.ws.soapbinding.Message.

See Also:: Constant Field Values

Method Detail

isAuthorized

boolean isAuthorized(Object credential,
                     String action,
                     Object data,
                     Map env)

Checks if the WSC is authorized to query or modify the select data.

Parameters:: credential - credential of a WSC.; action - request action.; data - Object who is being accessed.; env - A Map contains information useful for policy evaluation. The following key is defined and its value should be passed in: Key: USER_ID Value: id of the user whose resource is being accessed. Key: AUTH_TYPE Value: The authentication mechanism WSC used. Key: MESSAGE Value: com.sun.identity.liberty.ws.soapbinding.Message.
Returns:: true if the WSC is authorized.

getAuthorizationDecision

Object getAuthorizationDecision(Object credential,
                                String action,
                                Object data,
                                Map env)

Returns authorization decision for the given action(query or modify) and to the given select data

Parameters:: credential - credential of a WSC.; action - request action.; data - Object who is being accessed.; env - A Map contains information useful for policy evaluation. The following key is defined and its value should be passed in: Key: USER_ID Value: id of the user whose resource is being accessed. Key: AUTH_TYPE Value: The authentication mechanism WSC used. Key: MESSAGE Value: com.sun.identity.liberty.ws.soapbinding.Message.
Returns:: AuthorizationDecision object contains authorization decision information for the given resource.
Throws:: Exception