Next: Example of a complete
Up: Authorization Filter
Previous: Internal structure
The configuration parameters of the Authorization Filter are specified in a
text file, in ``key=value'' format. This file is loaded upon startup and
its content overrides the default values hardwired in the code.
Parameters:
- authzManagerConfig: mandatory.
String value that indicates the pathname of the XML configuration file for the
Authorization Manager.
- authzManagerConfigElement: optional.
String value that indicates the name of the XML element, in the XML
configuration file, that contains the Authorization Manager definition.
The default value is the root element.
- log4jConfigFile: mandatory.
String value that indicates the pathname of the configuration file to be used
by log4j.
- IsSilent: optional.
Boolean value (`yes'/`no') that indicates if the amount of log information
must be very small. The default value is `no'.
- DefaultPolicy: optional.
String value that indicates the name of the Policy in Authorization Manager
to be used by default by the Authorization Filter. This Policy is used when
the incoming servlet request does not contain any parameter specifying the
Policy requested by the client. The default value is `null', meaning the
Authorization Filter uses the default Policy of the Authorization Manager.
- RoleParameterName: optional.
String value that indicates the name of the parameter of the servlet request
that contains the role requested by the client. The default value is
`user_role'.
- PolicyParameterName: optional.
String value that indicates the name of the parameter of the servlet request
that contains the Policy requested by the client. The default value is
`auth_policy'.
- DeniedURLParameter: optional.
String value that indicates the name of the parameter of the servlet request
that is reserved for the Authorization Filter to store the result of the
authorization decision. If such a parameter is already used in the servlet
request the Authorization Filter blocks and terminates the request.
The default value is `connection'.
- FailureFormat: optional.
String value that indicates the syntax of the response to send back to the
client in case of failed authorization. The default value is `HTTP'. The
only other acceptable value is `XML'.
- RequestWrapperClass: optional.
String value that indicates the name of the Java class to be used for the
manipulation of the servlet request, specifically to insert the parameter
containing the result of the authorization decision. The default value is
`org.edg.security.authorization.ServletRequestWrapper'.
- AuthorizedRole: optional.
String value that indicates the only role authorized to change the
configuration of the Authorization Manager.
The default value is `Administrator'.
- AuthorizedPolicy: optional.
String value that indicates the only Policy to be used for the authorization
of incoming client requests directed to the Administration GUI.
The default value is `adminPolicy'.
Subsections
Next: Example of a complete
Up: Authorization Filter
Previous: Internal structure
2004-07-02