Package org.glassfish.security.services.api.authorization

Interface RoleMappingService

All Superinterfaces:

SecurityService

All Known Implementing Classes:

RoleMappingServiceImpl

@Contract
public interface RoleMappingService
extends SecurityService

The RoleMappingService provides functions that determine a user's role.

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static interface	RoleMappingService.RoleDeploymentContext	This interface represents a RoleDeploymentContext as returned by the Role Mapping Service's findOrCreateDeploymentContext() method.

Method Summary

Modifier and Type	Method	Description
RoleMappingService.RoleDeploymentContext	findOrCreateDeploymentContext(String appContext)	Find an existing RoleDeploymentContext, or create a new one if one does not already exist for the specified application context.
boolean	isUserInRole(String appContext, Subject subject, URI resource, String role)	Determine whether the user (Subject) has the indicated role for a given resource (URI) and application context.
boolean	isUserInRole(String appContext, AzSubject subject, AzResource resource, String role)	Determine whether the user (AzSubject) has the indicated role for a given resource (AzResource) and application context.

Methods inherited from interface org.glassfish.security.services.api.SecurityService

initialize

Method Detail

isUserInRole

boolean isUserInRole(String appContext,
                     Subject subject,
                     URI resource,
                     String role)

Determine whether the user (Subject) has the indicated role for a given resource (URI) and application context.

Parameters:

appContext - The application context for the query (can be null).

subject - The target Subject.

resource - The URI resource for the query.

role - The target role.

Returns:

true if the user has the specified role.

Throws:

IllegalArgumentException - for a null subject or resource

IllegalStateException - if the service was not initialized.

isUserInRole

boolean isUserInRole(String appContext,
                     AzSubject subject,
                     AzResource resource,
                     String role)

Determine whether the user (AzSubject) has the indicated role for a given resource (AzResource) and application context.

Parameters:

appContext - The application context for the query (can be null).

subject - The target AzSubject.

resource - The AzResource for the query.

role - The target role.

Returns:

true if the user has the specified role.

Throws:

IllegalArgumentException - for a null subject or resource

IllegalStateException - if the service was not initialized.

findOrCreateDeploymentContext

RoleMappingService.RoleDeploymentContext findOrCreateDeploymentContext(String appContext)

Find an existing RoleDeploymentContext, or create a new one if one does not already exist for the specified application context. The role deployment context will be returned in an "open" state, and will stay that way until commit() or delete() is called.

Parameters:

appContext - The application context for which the RoleDeploymentContext is desired.

Returns:

The resulting RoleDeploymentContext or null if the configured providers do not support this feature.

Throws:

IllegalStateException - if the service was not initialized.