Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

net.sf.jguard.authorization
Class AbstractAuthorizationManager

java.lang.Object
  extended bynet.sf.jguard.authorization.AbstractAuthorizationManager
All Implemented Interfaces:
AuthorizationManager, PermissionProvider
Direct Known Subclasses:
JdbcAuthorizationManager, XmlAuthorizationManager
public abstract class AbstractAuthorizationManager
extends java.lang.Object
implements AuthorizationManager

Abstract class inherited by all the AuthorizationManager implementations.

Author:
Charles Gay

Field Summary
protected  java.lang.String applicationName
           
protected  java.util.Map domains
           
protected  java.util.Set domainsSet
           
protected  java.util.Map principals
           
protected  java.util.Set principalsSet
           
protected  URLPermissionCollection urlp
           
 
Constructor Summary
AbstractAuthorizationManager()
           
 
Method Summary
 JGuardPrincipal cloneRole(java.lang.String roleName)
          clone a JGuardPrincipal/Role.
abstract  void createRole(JGuardPrincipal principal)
           
 java.security.PermissionCollection getPermissionCollection(java.util.Set userPrincipals)
          compare declared Principals in the application, with principals set of the user.
 java.util.Set getURLDomains(java.util.Collection domainNames)
          with a collection of domain names, provide the corresponding set of URLDomains.
 java.util.Set getURLPermissions(java.util.Collection permissionNames)
          with a collection of URLPermissions names, provide the corresponding set of URLPermissions.
abstract  void init(java.util.Map options)
          initialize AuthorizationManager implementation.
 java.util.Set listDomains()
          return Set of domains.
 URLDomain readDomain(java.lang.String domainName)
          return an URLDomain with its associated URLPermission set.
 java.security.Permission readPermission(java.lang.String permissionName)
          read an URLPermission.
 JGuardPrincipal readRole(java.lang.String roleName)
          return the corresponding application role.
 void refresh()
          refresh principals and permissions data.
protected  void removeDomainFromPrincipals(java.lang.String domainName)
          Remove the domain from all principals that have relationship with this domain.
protected  void removePermissionFromPrincipals(java.lang.String permissionName)
          Remove the permission from all principals that have relationship with this permission like a orphaned permission (directly), or through a domain (indirectly).
 void setApplicationName(java.lang.String applicationName)
          define the application's name, and propagate it into Principals.
protected  void updatePrincipals(URLDomain domain)
          Update the permissions from jGuardPrincipals that contains this domain.
protected  void updatePrincipals(URLDomain newDomain, java.lang.String oldDomainName)
          update the principal with this updated domain.
protected  void updatePrincipals(URLPermission permission)
          Update the permissions from jGuardPrincipals and the associated domain.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface net.sf.jguard.authorization.AuthorizationManager
createDomain, createPermission, createRole, deleteDomain, deletePermission, deleteRole, getInitParameters, listPermissions, listRoles, updateDomain, updatePermission, updateRole
 

Field Detail

applicationName

protected java.lang.String applicationName

principals

protected java.util.Map principals

principalsSet

protected java.util.Set principalsSet

domains

protected java.util.Map domains

domainsSet

protected java.util.Set domainsSet

urlp

protected URLPermissionCollection urlp
Constructor Detail

AbstractAuthorizationManager

public AbstractAuthorizationManager()
Method Detail

setApplicationName

public void setApplicationName(java.lang.String applicationName)
define the application's name, and propagate it into Principals. this mechanism is done because application's name can only be known when the first request is here (bad j2ee design....).

Specified by:
setApplicationName in interface AuthorizationManager
Parameters:
applicationName -

getURLDomains

public java.util.Set getURLDomains(java.util.Collection domainNames)
with a collection of domain names, provide the corresponding set of URLDomains.

Specified by:
getURLDomains in interface AuthorizationManager
Returns:
URLPermission's Set

getURLPermissions

public java.util.Set getURLPermissions(java.util.Collection permissionNames)
with a collection of URLPermissions names, provide the corresponding set of URLPermissions.

Specified by:
getURLPermissions in interface AuthorizationManager
Parameters:
permissionNames - collection of permission names to grab.
Returns:
URLPermission's Set

init

public abstract void init(java.util.Map options)
initialize AuthorizationManager implementation.

Specified by:
init in interface AuthorizationManager
Parameters:
options -

refresh

public void refresh()
Description copied from interface: AuthorizationManager
refresh principals and permissions data.

Specified by:
refresh in interface AuthorizationManager
Throws:
AuthorizationException
See Also:
AuthorizationManager.refresh()

getPermissionCollection

public java.security.PermissionCollection getPermissionCollection(java.util.Set userPrincipals)
compare declared Principals in the application, with principals set of the user. for the principals of the user, we retrieve corresponding permissions declared in the application, and we regroup them in a PermissionCollection.

Specified by:
getPermissionCollection in interface AuthorizationManager
Parameters:
userPrincipals -
Returns:
PermissionCollection
See Also:
AuthorizationManager.getPermissionCollection(java.util.Set)

cloneRole

public JGuardPrincipal cloneRole(java.lang.String roleName)
                          throws AuthorizationException
clone a JGuardPrincipal/Role.

Specified by:
cloneRole in interface AuthorizationManager
Parameters:
roleName - JGuardPrincipal name to clone
Returns:
cloned JGuardPrincipal with a different name : original JguardPrincipal name + Random integer betweeen 0 and 99999
Throws:
AuthorizationException

createRole

public abstract void createRole(JGuardPrincipal principal)
                         throws AuthorizationException
Throws:
AuthorizationException

listDomains

public java.util.Set listDomains()
                          throws AuthorizationException
return Set of domains.

Specified by:
listDomains in interface AuthorizationManager
Returns:
domains Set
Throws:
AuthorizationException
See Also:
AuthorizationManager.listDomains()

readPermission

public java.security.Permission readPermission(java.lang.String permissionName)
                                        throws AuthorizationException
read an URLPermission.

Specified by:
readPermission in interface AuthorizationManager
Parameters:
permissionName -
Throws:
AuthorizationException
See Also:
AuthorizationManager.readPermission(java.lang.String)

readDomain

public URLDomain readDomain(java.lang.String domainName)
                     throws AuthorizationException
return an URLDomain with its associated URLPermission set.

Specified by:
readDomain in interface AuthorizationManager
Returns:
URLDomain
Throws:
AuthorizationException
See Also:
AuthorizationManager.readDomain(java.lang.String)

readRole

public JGuardPrincipal readRole(java.lang.String roleName)
                         throws AuthorizationException
return the corresponding application role.

Specified by:
readRole in interface AuthorizationManager
Returns:
role
Throws:
AuthorizationException
See Also:
AuthorizationManager.readRole(java.lang.String)

updatePrincipals

protected void updatePrincipals(URLDomain domain)

Update the permissions from jGuardPrincipals that contains this domain.

Note: This method is need because, first, there are no warranty that the reference of domain in the JGuardPrincipal object are the same from domainsSet and map and, second, the getPermissions method from JGuardPrincipal don't load the permissions from domains objects (it use a internal set of permissions).

Parameters:
domain - the domain that will be updated in the principals

updatePrincipals

protected void updatePrincipals(URLPermission permission)

Update the permissions from jGuardPrincipals and the associated domain.

Note: This method is need because, first, there are no warranty that the reference of domain in the JGuardPrincipal object are the same from domainsSet and map and, second, the getPermissions method from JGuardPrincipal don't load the permissions from domains objects (it use a internal set of permissions).

updatePrincipals

protected void updatePrincipals(URLDomain newDomain,
                                java.lang.String oldDomainName)
update the principal with this updated domain. it implies a suppress and an addition.

Parameters:
newDomain -
oldDomainName -

removeDomainFromPrincipals

protected void removeDomainFromPrincipals(java.lang.String domainName)
Remove the domain from all principals that have relationship with this domain.

Parameters:
domainName - the name of the domain that will be removed

removePermissionFromPrincipals

protected void removePermissionFromPrincipals(java.lang.String permissionName)
Remove the permission from all principals that have relationship with this permission like a orphaned permission (directly), or through a domain (indirectly).

Parameters:
permissionName - the name of the permission that will be removed
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD