|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.glite.security.authz.SimpleServicePIP
Simple ServicePIP implementation maintaining Subject DN to role mappings.
ServicePIP
Field Summary | |
static java.lang.String |
ROLE_MAPPINGS
This configuration property should point to a user (Subject DN) keyed Map of arrays of Strings representing roles. |
static java.lang.String |
ROLES
The name of the attribute used to set the matching roles. |
Constructor Summary | |
SimpleServicePIP()
|
Method Summary | |
void |
close()
this method is called by the PDP framework to indicate that the interceptor now should remove all state that was allocated in the initialize call. |
void |
collectAttributes(javax.security.auth.Subject peerSubject,
javax.xml.rpc.handler.MessageContext context,
javax.xml.namespace.QName operation)
collects attributes and populates the subject with public or private credentials to be checked by subsequent PDPs in the same interceptor chain. |
void |
initialize(ChainConfig config,
java.lang.String name,
java.lang.String id)
initializes the interceptor with configuration information that are valid up until the point when close is called. |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final java.lang.String ROLE_MAPPINGS
public static final java.lang.String ROLES
Constructor Detail |
public SimpleServicePIP()
Method Detail |
public void initialize(ChainConfig config, java.lang.String name, java.lang.String id) throws InitializeException
initialize
in interface ServiceInterceptor
config
- holding interceptor specific configuration values, that
may be obtained using the name paramtername
- the name that should be used to access all the interceptor
local configurationid
- the id in common for all interceptors in a chain (it is valid
up until close is called)
if close is not called the interceptor may assume that the id
still exists after a process restart
InitializeException
- if role mappings were not setpublic void collectAttributes(javax.security.auth.Subject peerSubject, javax.xml.rpc.handler.MessageContext context, javax.xml.namespace.QName operation) throws AttributeException
collectAttributes
in interface ServicePIP
peerSubject
- authenticated subject for which attributes
should be collectedcontext
- holds properties of this XML message exchangeoperation
- operation that the subject wants to invoke
AttributeException
- if an exception occurred while getting
the attributespublic void close() throws CloseException
close
in interface ServiceInterceptor
CloseException
- if exception occured when closing this PIP
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |