org.glite.security.authz
Interface ServicePIP
- All Superinterfaces:
- ServiceInterceptor
- All Known Implementing Classes:
- SimpleServicePIP
- public interface ServicePIP
- extends ServiceInterceptor
The ServicePIP
interface should be implemeted by
interceptors that are responsible for collecting attributes
for subject that later on can be used by PDPs to determine
whether the subject is allowed to invoke the requested operation.
The ServicePIPs can be put into interceptor chains together with PDPs.
- See Also:
ServicePDP
,
ServiceAuthorizationChain
Method Summary |
void |
collectAttributes(javax.security.auth.Subject peerSubject,
javax.xml.rpc.handler.MessageContext context,
javax.xml.namespace.QName operation)
collects attributes and populates the subject with
public or private credentials to be checked by subsequent
PDPs in the same interceptor chain. |
collectAttributes
public void collectAttributes(javax.security.auth.Subject peerSubject,
javax.xml.rpc.handler.MessageContext context,
javax.xml.namespace.QName operation)
throws AttributeException
- collects attributes and populates the subject with
public or private credentials to be checked by subsequent
PDPs in the same interceptor chain.
- Parameters:
peerSubject
- authenticated subject for which attributes
should be collectedcontext
- holds properties of this XML message exchangeoperation
- operation that the subject wants to invoke
- Throws:
AttributeException
- if an error occured while collecting
the attributes