Class SimpleAuthorizationProviderImpl
java.lang.Object
org.glassfish.security.services.provider.authorization.SimpleAuthorizationProviderImpl
- All Implemented Interfaces:
AuthorizationProvider
,SecurityProvider
@Service(name="simpleAuthorization")
@PerLookup
public class SimpleAuthorizationProviderImpl
extends Object
implements AuthorizationProvider
-
Nested Class Summary
Modifier and TypeClassDescriptionprotected class
Chooses what authorization decision to render. -
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected SimpleAuthorizationProviderImpl.Decider
findOrCreateDeploymentContext
(String appContext) Finds an existing PolicyDeploymentContext, or create a new one if one does not already exist for the specified appContext.getAuthorizationDecision
(AzSubject subject, AzResource resource, AzAction action, AzEnvironment environment, List<AzAttributeResolver> attributeResolvers) Evaluates the specified subject, resource, action, and environment against the body of policy managed by this provider and returns an access control result.void
initialize
(SecurityProvider providerConfig) Initialize the security provider instance with the specific security provider configuration.
-
Constructor Details
-
SimpleAuthorizationProviderImpl
public SimpleAuthorizationProviderImpl()
-
-
Method Details
-
initialize
Description copied from interface:SecurityProvider
Initialize the security provider instance with the specific security provider configuration.- Specified by:
initialize
in interfaceSecurityProvider
-
createDecider
-
getAuthorizationDecision
public AzResult getAuthorizationDecision(AzSubject subject, AzResource resource, AzAction action, AzEnvironment environment, List<AzAttributeResolver> attributeResolvers) Description copied from interface:AuthorizationProvider
Evaluates the specified subject, resource, action, and environment against the body of policy managed by this provider and returns an access control result.- Specified by:
getAuthorizationDecision
in interfaceAuthorizationProvider
- Parameters:
subject
- The attributes collection representing the Subject for which an authorization decision is requested.resource
- The attributes collection representing the resource for which access is being requested.action
- The attributes collection representing the action, with respect to the resource, for which access is being requested. A null action is interpreted as all actions, however all actions may also be represented by the AzAction instance. See
.AzAction
environment
- The attributes collection representing the environment, or context, in which the access decision is being requested, null if none.attributeResolvers
- The ordered list of attribute resolvers, for run time determination of missing attributes, null if none.- Returns:
- The AzResult indicating the result of the access decision.
- See Also:
-
findOrCreateDeploymentContext
public AuthorizationService.PolicyDeploymentContext findOrCreateDeploymentContext(String appContext) Description copied from interface:AuthorizationProvider
Finds an existing PolicyDeploymentContext, or create a new one if one does not already exist for the specified appContext. The context will be returned in an "open" state, and will stay that way until commit() or delete() is called.- Specified by:
findOrCreateDeploymentContext
in interfaceAuthorizationProvider
- Parameters:
appContext
- The application context for which the PolicyDeploymentContext is desired.- Returns:
- The resulting PolicyDeploymentContext, null if this provider does not support this feature.
- See Also:
-