org.glite.security.authz.providers
Class PermitOverridesChain

java.lang.Object
  extended byorg.glite.security.authz.providers.AbstractChain
      extended byorg.glite.security.authz.providers.PermitOverridesChain
All Implemented Interfaces:
ServiceAuthorizationChainSpi

public class PermitOverridesChain
extends AbstractChain

The PermitOverridesChain class ties together and evaluates chains of ServicePDP and ServicePIP implementations. The chain is evaluated in a strict configuration determined order. If any PIP throws an Exception or a PDP returns true the evaluation is stopped. The PIP Exception is propagated back to the client. If a PDP throws an Authorization Exception or returns false evaluation continues with the next interceptor in the chain. If at least one PDP throws an Authorization exception and the rest return false the chain result is deny and the exception will be propagated back to the client. Chains can also be linked, in which case the parent chain is evaluated before the child chain. See the ServiceAuthorizationChainSpi documentation for information about the individual operations.


Constructor Summary
PermitOverridesChain()
           
 
Methods inherited from class org.glite.security.authz.providers.AbstractChain
engineAuthorize, engineClose, engineGetPolicy, engineGetPolicyNames, engineInitialize, engineIsPermitted, engineSetParent, engineSetPolicy
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PermitOverridesChain

public PermitOverridesChain()