Class UserOrigReqAccessEvaluator

java.lang.Object
com.netscape.certsrv.evaluators.AccessEvaluator
com.netscape.cms.evaluators.UserOrigReqAccessEvaluator

public class UserOrigReqAccessEvaluator extends AccessEvaluator
A class represents a user-origreq user mapping acls evaluator. This is primarily used for renewal. During renewal, the orig_req uid is placed in the SessionContext of the renewal session context to be evaluated by this evaluator
Author:
Christina Fu
  • Field Details

    • logger

      public static org.slf4j.Logger logger
  • Constructor Details

    • UserOrigReqAccessEvaluator

      public UserOrigReqAccessEvaluator()
      Class constructor.
  • Method Details

    • init

      public void init()
      initialization. nothing for now.
      Specified by:
      init in class AccessEvaluator
    • getSupportedOperators

      public String[] getSupportedOperators()
      Description copied from class: AccessEvaluator
      Get the supported operators for this evaluator
      Specified by:
      getSupportedOperators in class AccessEvaluator
      Returns:
      Supported operators in string array
    • evaluate

      public boolean evaluate(AuthToken authToken, String type, String op, String value)
      Evaluates the user in AuthToken to see if it's equal to value
      Specified by:
      evaluate in class AccessEvaluator
      Parameters:
      authToken - AuthToken from authentication
      type - must be "at_userreq"
      op - must be "="
      value - the request param name
      Returns:
      true if AuthToken userid is same as value, false otherwise
    • evaluate

      public boolean evaluate(String type, String op, String value)
      Evaluates the user in session context to see if it's equal to value
      Specified by:
      evaluate in class AccessEvaluator
      Parameters:
      type - must be "user_origreq"
      op - must be "="
      value - the user id
      Returns:
      true if SessionContext uid is same as value, false otherwise