org.glite.security.authz.providers
Class DenyOverridesChain

java.lang.Object
  extended byorg.glite.security.authz.providers.AbstractChain
      extended byorg.glite.security.authz.providers.DenyOverridesChain
All Implemented Interfaces:
ServiceAuthorizationChainSpi

public class DenyOverridesChain
extends AbstractChain

The DenyOverridesChain class ties together and evaluates chains of ServicePDP and ServicePIP implementations. The chain is evaluated in a strict configuration determined order. If any PIP or PDP throws an Exception the evaluation is stopped, and the Exception is propagated back to the client. If a PDP returns normally the evaluation continues with the next interceptor in the chain. If at least one PDP returns true and the rest return false the ichain result is true (permit). Chains can also be linked, in which case the parent chain is evaluated before the child chain. See the ServiceAuthorizationChainSpi documentation for information about the individual operations.


Constructor Summary
DenyOverridesChain()
           
 
Methods inherited from class org.glite.security.authz.providers.AbstractChain
engineAuthorize, engineClose, engineGetPolicy, engineGetPolicyNames, engineInitialize, engineIsPermitted, engineSetParent, engineSetPolicy
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DenyOverridesChain

public DenyOverridesChain()