CommandSecurityChecker (Payara Project 5.182 API)

java.lang.Object
- com.sun.enterprise.admin.util.CommandSecurityChecker

All Implemented Interfaces:

org.glassfish.hk2.api.PostConstruct
```
@Service
 @Singleton
public class CommandSecurityChecker
extends Object
implements org.glassfish.hk2.api.PostConstruct
```
Utility class which checks if the Subject is allowed to execute the specified command.
The processing includes AccessRequired} annotations, CRUD commands, RestEndpoint annotations, and if the command class implements AdminCommandSecurity.AccessCheckProvider it also invokes the corresponding getAccessChecks method. To succeed the overall authorization all access checks - whether inferred from annotations or returned from getAccessChecks - for which isFailureFatal is true must pass.

Author:

tjquinn

Constructor Summary

Constructors
Constructor and Description

CommandSecurityChecker()

Constructors
Constructor and Description
`CommandSecurityChecker()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`authorize(Subject subject, Map<String,Object> env, AdminCommand command, AdminCommandContext adminCommandContext)` Reports whether the Subject is allowed to perform the specified admin command.
`Collection<? extends AccessRequired.AccessCheck>`	`getAccessChecks(AdminCommand command, Subject subject)` Returns all AccessCheck objects which apply to the specified command.
`void`	`postConstruct()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- CommandSecurityChecker
```
public CommandSecurityChecker()
```

Method Detail

postConstruct
```
public void postConstruct()
```
Specified by:

postConstruct in interface org.glassfish.hk2.api.PostConstruct

authorize

public boolean authorize(Subject subject,
                         Map<String,Object> env,
                         AdminCommand command,
                         AdminCommandContext adminCommandContext)
                  throws SecurityException

Reports whether the Subject is allowed to perform the specified admin command.

Parameters:: subject - Subject for the current user to authorize; env - environmental settings that might be used in the resource name expression; command - the admin command the Subject wants to execute
Returns:
Throws:: SecurityException

getAccessChecks

public Collection<? extends AccessRequired.AccessCheck> getAccessChecks(AdminCommand command,
                                                                        Subject subject)
                                                                 throws NoSuchFieldException,
                                                                        IllegalArgumentException,
                                                                        IllegalAccessException

Returns all AccessCheck objects which apply to the specified command.

Parameters:: command - the AdminCommand for which the AccessChecks are needed; subject - the Subject resulting from successful authentication
Returns:: the AccessChecks resulting from analyzing the command
Throws:: NoSuchFieldException; IllegalArgumentException; IllegalAccessException

Class CommandSecurityChecker

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CommandSecurityChecker

Method Detail

postConstruct

authorize

getAccessChecks