Class SimpleAuthorizationProviderImpl
java.lang.Object
org.glassfish.security.services.provider.authorization.SimpleAuthorizationProviderImpl
- All Implemented Interfaces:
AuthorizationProvider,SecurityProvider
@Service(name="simpleAuthorization")
@PerLookup
public class SimpleAuthorizationProviderImpl
extends Object
implements AuthorizationProvider
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionprotected classChooses what authorization decision to render. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected SimpleAuthorizationProviderImpl.DeciderfindOrCreateDeploymentContext(String appContext) Finds an existing PolicyDeploymentContext, or create a new one if one does not already exist for the specified appContext.getAuthorizationDecision(AzSubject subject, AzResource resource, AzAction action, AzEnvironment environment, List<AzAttributeResolver> attributeResolvers) Evaluates the specified subject, resource, action, and environment against the body of policy managed by this provider and returns an access control result.voidinitialize(SecurityProvider providerConfig) Initialize the security provider instance with the specific security provider configuration.
-
Constructor Details
-
SimpleAuthorizationProviderImpl
public SimpleAuthorizationProviderImpl()
-
-
Method Details
-
initialize
Description copied from interface:SecurityProviderInitialize the security provider instance with the specific security provider configuration.- Specified by:
initializein interfaceSecurityProvider
-
createDecider
-
getAuthorizationDecision
public AzResult getAuthorizationDecision(AzSubject subject, AzResource resource, AzAction action, AzEnvironment environment, List<AzAttributeResolver> attributeResolvers) Description copied from interface:AuthorizationProviderEvaluates the specified subject, resource, action, and environment against the body of policy managed by this provider and returns an access control result.- Specified by:
getAuthorizationDecisionin interfaceAuthorizationProvider- Parameters:
subject- The attributes collection representing the Subject for which an authorization decision is requested.resource- The attributes collection representing the resource for which access is being requested.action- The attributes collection representing the action, with respect to the resource, for which access is being requested. A null action is interpreted as all actions, however all actions may also be represented by the AzAction instance. SeeAzActionenvironment- The attributes collection representing the environment, or context, in which the access decision is being requested, null if none.attributeResolvers- The ordered list of attribute resolvers, for run time determination of missing attributes, null if none.- Returns:
- The AzResult indicating the result of the access decision.
- See Also:
-
findOrCreateDeploymentContext
public AuthorizationService.PolicyDeploymentContext findOrCreateDeploymentContext(String appContext) Description copied from interface:AuthorizationProviderFinds an existing PolicyDeploymentContext, or create a new one if one does not already exist for the specified appContext. The context will be returned in an "open" state, and will stay that way until commit() or delete() is called.- Specified by:
findOrCreateDeploymentContextin interfaceAuthorizationProvider- Parameters:
appContext- The application context for which the PolicyDeploymentContext is desired.- Returns:
- The resulting PolicyDeploymentContext, null if this provider does not support this feature.
- See Also:
-