Class SimpleAuthorizationProviderImpl
- java.lang.Object
-
- org.glassfish.security.services.provider.authorization.SimpleAuthorizationProviderImpl
-
- All Implemented Interfaces:
AuthorizationProvider
,SecurityProvider
@Service(name="simpleAuthorization") @PerLookup public class SimpleAuthorizationProviderImpl extends Object implements AuthorizationProvider
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description protected class
SimpleAuthorizationProviderImpl.Decider
Chooses what authorization decision to render.
-
Constructor Summary
Constructors Constructor Description SimpleAuthorizationProviderImpl()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected SimpleAuthorizationProviderImpl.Decider
createDecider()
AuthorizationService.PolicyDeploymentContext
findOrCreateDeploymentContext(String appContext)
Finds an existing PolicyDeploymentContext, or create a new one if one does not already exist for the specified appContext.AzResult
getAuthorizationDecision(AzSubject subject, AzResource resource, AzAction action, AzEnvironment environment, List<AzAttributeResolver> attributeResolvers)
Evaluates the specified subject, resource, action, and environment against the body of policy managed by this provider and returns an access control result.void
initialize(SecurityProvider providerConfig)
Initialize the security provider instance with the specific security provider configuration.
-
-
-
Method Detail
-
initialize
public void initialize(SecurityProvider providerConfig)
Description copied from interface:SecurityProvider
Initialize the security provider instance with the specific security provider configuration.- Specified by:
initialize
in interfaceSecurityProvider
-
createDecider
protected SimpleAuthorizationProviderImpl.Decider createDecider()
-
getAuthorizationDecision
public AzResult getAuthorizationDecision(AzSubject subject, AzResource resource, AzAction action, AzEnvironment environment, List<AzAttributeResolver> attributeResolvers)
Description copied from interface:AuthorizationProvider
Evaluates the specified subject, resource, action, and environment against the body of policy managed by this provider and returns an access control result.- Specified by:
getAuthorizationDecision
in interfaceAuthorizationProvider
- Parameters:
subject
- The attributes collection representing the Subject for which an authorization decision is requested.resource
- The attributes collection representing the resource for which access is being requested.action
- The attributes collection representing the action, with respect to the resource, for which access is being requested. A null action is interpreted as all actions, however all actions may also be represented by the AzAction instance. See
.AzAction
environment
- The attributes collection representing the environment, or context, in which the access decision is being requested, null if none.attributeResolvers
- The ordered list of attribute resolvers, for run time determination of missing attributes, null if none.- Returns:
- The AzResult indicating the result of the access decision.
- See Also:
AuthorizationService.getAuthorizationDecision(org.glassfish.security.services.api.authorization.AzSubject, org.glassfish.security.services.api.authorization.AzResource, org.glassfish.security.services.api.authorization.AzAction)
-
findOrCreateDeploymentContext
public AuthorizationService.PolicyDeploymentContext findOrCreateDeploymentContext(String appContext)
Description copied from interface:AuthorizationProvider
Finds an existing PolicyDeploymentContext, or create a new one if one does not already exist for the specified appContext. The context will be returned in an "open" state, and will stay that way until commit() or delete() is called.- Specified by:
findOrCreateDeploymentContext
in interfaceAuthorizationProvider
- Parameters:
appContext
- The application context for which the PolicyDeploymentContext is desired.- Returns:
- The resulting PolicyDeploymentContext, null if this provider does not support this feature.
- See Also:
AuthorizationService.findOrCreateDeploymentContext(String)
-
-