Package org.glite.security.authz

This package contains the core gLite Authorization Framework providing an abstract policy evaluation runtime for integrating various policy engines with attribute authorities.

See:
          Description

Interface Summary
ChainConfig This interface is used to encapsulate and shield the interceptor configuration mechanism from the core PDP framework.
ServiceAuthorizationChainSpi The ServiceAuthorizationChainSpi is the interface that should be implemented by ServiceAuthorizationChain providers.
ServiceInterceptor Generic interface to be implemented by all interceptors (PIPs and PDPs) in a chain.
ServicePAP Interface that must be implemented by all PAPs in an interceptor chain A PAP is responsible for setting and retrieving policies to clients (typically services or PEPs) ServiceInterceptor through the id parameter.
ServicePDP Interface that must be implemented by all PDPs in an interceptor chain A PDP is responsible for making decisions whether a subject is allowed to invoke a certain operation.
ServicePIP The ServicePIP interface should be implemeted by interceptors that are responsible for collecting attributes for subject that later on can be used by PDPs to determine whether the subject is allowed to invoke the requested operation.
 

Class Summary
AuthzConstants Constants collection.
AuthzUtil Utility class with miscellaneous authorizaion utilities.
InterceptorConfig The InterceptorConfig class is used to hold configuration information about an interceptor in a configuration mechanism independent way.
PIPAttribute This class represents an attribute that is collected by a ServicePIP implementation, and put into the javax.security.auth.Subject public or private credentials, in order to later be read by ServicePDP implementations It is recommended to subclass this class for faster lookups of attributes of a specific type.
ServiceAuthorizationChain The ServiceAuthorizationChain class ties together and evaluates chains of ServicePDP and ServicePIP implementations.
SimpleChainConfig Simple ChainConfig implementation allowing configuration properties to be set at runtime.
SimpleMessageContext Simple JAX-RPC MessageContext implementation to allow the authorization framework to be used outside of a full JAX-RPC engine implementation.
SimpleServicePDP Simple ServicePDP implementation allowing role permissions and blacklists to be set.
SimpleServicePIP Simple ServicePIP implementation maintaining Subject DN to role mappings.
VomsPDPPolicy  
 

Exception Summary
AttributeException This exception is thrown when an exception occured during attribute collection.
AuthorizationException This exception is thrown to stop the evaluation of an authorization chain.
CloseException This exception is thrown when an exception occured when closing down an interceptor chain.
ConfigException This exception is thrown when congiguration is missing or incorrect.
InitializeException This exception is thrown when an exception occurs during initialization.
InvalidPolicyException This exception is thrown when an invalid policy was found.
 

Package org.glite.security.authz Description

This package contains the core gLite Authorization Framework providing an abstract policy evaluation runtime for integrating various policy engines with attribute authorities.

Since:
1.0