org.jboss.security.javaee
Class AbstractEJBAuthorizationHelper

java.lang.Object
  extended by org.jboss.security.javaee.AbstractJavaEEHelper
      extended by org.jboss.security.javaee.AbstractEJBAuthorizationHelper

public abstract class AbstractEJBAuthorizationHelper
extends AbstractJavaEEHelper

EJB Authorization Helper

Since:
Apr 17, 2008
Version:
$Revision$
Author:
Anil.Saldhana@redhat.com

Field Summary
protected  String version
           
 
Fields inherited from class org.jboss.security.javaee.AbstractJavaEEHelper
policyRegistration, securityContext
 
Constructor Summary
AbstractEJBAuthorizationHelper()
           
 
Method Summary
abstract  boolean authorize(String ejbName, Method ejbMethod, Principal ejbPrincipal, String invocationInterfaceString, CodeSource ejbCS, Subject callerSubject, RunAs callerRunAs, String contextID, RoleGroup methodRoles)
          Authorize the EJB Invocation
abstract  String getEJBVersion()
          Get the EJB Version
abstract  boolean isCallerInRole(String roleName, String ejbName, Principal ejbPrincipal, Subject callerSubject, String contextID, Set<SecurityRoleRef> securityRoleRefs)
          Check if the caller is in any of the roles
abstract  boolean isCallerInRole(String roleName, String ejbName, Principal ejbPrincipal, Subject callerSubject, String contextID, Set<SecurityRoleRef> securityRoleRefs, boolean enforceEJBRestrictions)
          Enforce EJB 1.1 restrictions that the role being checked has to be in the deployment descriptor
abstract  void setEJBVersion(String ejbVersion)
          Set the EJB Version
 
Methods inherited from class org.jboss.security.javaee.AbstractJavaEEHelper
audit, authorizationAudit, getCallerPrincipal, getContextMap, getPolicyRegistration, getSecurityContext, setPolicyRegistration, setSecurityContext
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

version

protected String version
Constructor Detail

AbstractEJBAuthorizationHelper

public AbstractEJBAuthorizationHelper()
Method Detail

getEJBVersion

public abstract String getEJBVersion()
Get the EJB Version

Returns:

setEJBVersion

public abstract void setEJBVersion(String ejbVersion)
Set the EJB Version

Parameters:
ejbVersion -

authorize

public abstract boolean authorize(String ejbName,
                                  Method ejbMethod,
                                  Principal ejbPrincipal,
                                  String invocationInterfaceString,
                                  CodeSource ejbCS,
                                  Subject callerSubject,
                                  RunAs callerRunAs,
                                  String contextID,
                                  RoleGroup methodRoles)
Authorize the EJB Invocation

Parameters:
ejbName -
ejbMethod -
ejbPrincipal -
invocationInterfaceString -
ejbCS -
callerSubject -
callerRunAs -
contextID -
methodRoles -
Returns:
true - subject is authorized
Throws:
IllegalStateException - Authorization Manager from SecurityContext is null
IllegalArgumentException - ejbName, ejbMethod, ejbCS, contextID is null

isCallerInRole

public abstract boolean isCallerInRole(String roleName,
                                       String ejbName,
                                       Principal ejbPrincipal,
                                       Subject callerSubject,
                                       String contextID,
                                       Set<SecurityRoleRef> securityRoleRefs)
Check if the caller is in any of the roles

Parameters:
roleName -
ejbName -
ejbPrincipal -
callerSubject -
contextID -
securityRoleRefs -
Returns:
true - caller is in the role
Throws:
IllegalStateException - Authorization Manager from SecurityContext is null
IllegalArgumentException - roleName, ejbName, contextID is null

isCallerInRole

public abstract boolean isCallerInRole(String roleName,
                                       String ejbName,
                                       Principal ejbPrincipal,
                                       Subject callerSubject,
                                       String contextID,
                                       Set<SecurityRoleRef> securityRoleRefs,
                                       boolean enforceEJBRestrictions)
Enforce EJB 1.1 restrictions that the role being checked has to be in the deployment descriptor

Parameters:
roleName -
ejbName -
ejbPrincipal -
callerSubject -
contextID -
securityRoleRefs -
enforceEJBRestrictions -
Returns:
true - caller is in the role
Throws:
IllegalStateException - Authorization Manager from SecurityContext is null
IllegalArgumentException - roleName, ejbName, contextID is null


Copyright © 2011 JBoss Inc.. All Rights Reserved.