Package io.aeron.security

Interface AuthorisationService

All Known Implementing Classes:

SimpleAuthorisationService

Functional Interface:

This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

@FunctionalInterface
public interface AuthorisationService

Interface for an authorisation service to handle authorisation checks of clients performing actions on a system.

See Also:

• AuthorisationServiceSupplier

Field Summary

Fields

Modifier and Type	Field	Description
static final AuthorisationService	ALLOW_ALL	An AuthorisationService instance that allows every action.
static final AuthorisationService	DENY_ALL	An AuthorisationService instance that forbids all actions.

Method Summary

Modifier and Type	Method	Description
boolean	isAuthorised(int protocolId, int actionId, Object type, byte[] encodedPrincipal)	Checks if the client with authenticated credentials is allowed to perform an operation indicated by the given actionId.

Field Details

ALLOW_ALL

static final AuthorisationService ALLOW_ALL

An AuthorisationService instance that allows every action.

DENY_ALL

static final AuthorisationService DENY_ALL

An AuthorisationService instance that forbids all actions.

Method Details

isAuthorised

boolean isAuthorised(int protocolId,
 int actionId,
 Object type,
 byte[] encodedPrincipal)

Checks if the client with authenticated credentials is allowed to perform an operation indicated by the given actionId.

Parameters:

protocolId - of the protocol to which the action belongs, e.g. a SBE schema id.

actionId - of the command being checked, e.g. a SBE message template id.

type - optional type for the command being checked, may be null. For example for an admin request in the cluster it will contain AdminRequestType value which denotes the exact kind of the request.

encodedPrincipal - that has been authenticated.

Returns:

true if the client is authorised to execute the action or false otherwise.