org.jboss.security.javaee
Class AbstractWebAuthorizationHelper
java.lang.Object
org.jboss.security.javaee.AbstractJavaEEHelper
org.jboss.security.javaee.AbstractWebAuthorizationHelper
public abstract class AbstractWebAuthorizationHelper
- extends AbstractJavaEEHelper
Abstract Web Authorization Helper
- Since:
- Apr 17, 2008
- Version:
- $Revision$
- Author:
- Anil.Saldhana@redhat.com
Method Summary |
abstract boolean |
checkResourcePermission(Map<String,Object> contextMap,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
Subject callerSubject,
String contextID,
String canonicalRequestURI)
Validate that the caller has the permission to access a web resource |
abstract boolean |
hasRole(String roleName,
Principal principal,
String servletName,
Set<Principal> principalRoles,
String contextID,
Subject callerSubject)
Validate that the caller has the required role to access a resource |
abstract boolean |
hasUserDataPermission(Map<String,Object> contextMap,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
String contextID,
Subject callerSubject)
Validate whether the transport constraints are met by the caller |
boolean |
isEnableAudit()
|
void |
setEnableAudit(boolean enableAudit)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
enableAudit
protected boolean enableAudit
AbstractWebAuthorizationHelper
public AbstractWebAuthorizationHelper()
isEnableAudit
public boolean isEnableAudit()
setEnableAudit
public void setEnableAudit(boolean enableAudit)
checkResourcePermission
public abstract boolean checkResourcePermission(Map<String,Object> contextMap,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
Subject callerSubject,
String contextID,
String canonicalRequestURI)
- Validate that the caller has the permission to access a web resource
- Parameters:
contextMap
- request
- response
- callerSubject
- contextID
- canonicalRequestURI
-
- Returns:
- true - permitted
- Throws:
IllegalArgumentException
- request, response, callerSubject, contextID or canonicalRequestURI is null
IllegalStateException
- Authorization Manager from Security Context is null
hasRole
public abstract boolean hasRole(String roleName,
Principal principal,
String servletName,
Set<Principal> principalRoles,
String contextID,
Subject callerSubject)
- Validate that the caller has the required role to access a resource
- Parameters:
roleName
- principal
- servletName
- principalRoles
- contextID
- callerSubject
-
- Returns:
-
- Throws:
IllegalArgumentException
- roleName, contextID, callerSubject is null
IllegalStateException
- Authorization Manager from Security Context is null
hasUserDataPermission
public abstract boolean hasUserDataPermission(Map<String,Object> contextMap,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
String contextID,
Subject callerSubject)
- Validate whether the transport constraints are met by the caller
- Parameters:
contextMap
- request
- response
- contextID
- callerSubject
-
- Returns:
-
- Throws:
IllegalArgumentException
- request, response, callerSubject or contextID is null
IllegalStateException
- Authorization Manager from Security Context is null
Copyright © 2011 JBoss Inc.. All Rights Reserved.