|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.glite.security.authz.pdp.GridMapServicePDP
Simple ServicePDP implementation allowing role permissions and blacklists to be set.
ServicePDP
Field Summary | |
static java.lang.String |
GRID_MAP
Property used to set in-memory grid map. |
static java.lang.String |
GRID_MAP_FILE
Property used to set grid map file name. |
Constructor Summary | |
GridMapServicePDP()
|
Method Summary | |
void |
close()
this method is called by the PDP framework to indicate that the interceptor now should remove all state that was allocated in the initialize call. |
void |
initialize(ChainConfig config,
java.lang.String name,
java.lang.String id)
initializes the interceptor with configuration information that are valid up until the point when close is called. |
boolean |
isPermitted(javax.security.auth.Subject peerSubject,
javax.xml.rpc.handler.MessageContext context,
javax.xml.namespace.QName operation)
this operation is called by the PDP Framework whenever the application needs to call secured operations. |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final java.lang.String GRID_MAP
public static final java.lang.String GRID_MAP_FILE
Constructor Detail |
public GridMapServicePDP()
Method Detail |
public void initialize(ChainConfig config, java.lang.String name, java.lang.String id) throws InitializeException
initialize
in interface ServiceInterceptor
config
- holding interceptor specific configuration values, that
may be obtained using the name paramtername
- the name that should be used to access all the interceptor
local configurationid
- the id in common for all interceptors in a chain (it is valid
up until close is called)
if close is not called the interceptor may assume that the id
still exists after a process restart
InitializeException
- if gridmap was not foundpublic boolean isPermitted(javax.security.auth.Subject peerSubject, javax.xml.rpc.handler.MessageContext context, javax.xml.namespace.QName operation) throws AuthorizationException
isPermitted
in interface ServicePDP
peerSubject
- authenticated client subject with credentials
and attributescontext
- holds properties of this XML message exchangeoperation
- operation that the subject wants to invoke
AuthorizationException
- if an exception occured during evaluationpublic void close() throws CloseException
close
in interface ServiceInterceptor
CloseException
- if exception occured when closing this PDP
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |