Interface IAuthzManager

All Known Implementing Classes:
AAclAuthz, BasicAclAuthz, BasicGroupAuthz, DirAclAuthz

public interface IAuthzManager
Authorization Manager interface needs to be implemented by all authorization managers.

Version:
$Revision$, $Date$
  • Method Details

    • getName

      String getName()
      Get the name of this authorization manager instance.

      Returns:
      String the name of this authorization manager.
    • getImplName

      String getImplName()
      Get implementation name of authorization manager plugin.

      An example of an implementation name will be:

       com.netscape.cms.BasicAclAuthz
       

      Returns:
      The name of the authorization manager plugin.
    • accessInit

      void accessInit(String accessInfo) throws EBaseException
      accessInit is for servlets who want to initialize their own authorization information before full operation. It is supposed to be called from the authzMgrAccessInit() method of the AuthzSubsystem.

      The accessInfo format is determined by each individual authzmgr. For example, for BasicAclAuthz, The accessInfo is the resACLs, whose format should conform to the following: Example: resTurnKnob:left,right:allow(left) group="lefties":door knobs for lefties

      Parameters:
      accessInfo - the access info string in the format specified in the authorization manager
      Throws:
      EBaseException - error parsing the accessInfo
    • authorize

      AuthzToken authorize(IAuthToken authToken, String resource, String operation) throws EAuthzInternalError, EAuthzAccessDenied
      Check if the user is authorized to perform the given operation on the given resource.
      Parameters:
      authToken - the authToken associated with a user.
      resource - - the protected resource name
      operation - - the protected resource operation name
      Returns:
      authzToken if the user is authorized
      Throws:
      EAuthzInternalError - if an internal error occurred.
      EAuthzAccessDenied - if access denied
    • authorize

      AuthzToken authorize(IAuthToken authToken, String expression) throws EAuthzInternalError, EAuthzAccessDenied
      Throws:
      EAuthzInternalError
      EAuthzAccessDenied
    • init

      void init(String name, String implName, AuthzManagerConfig config) throws EBaseException
      Initialize this authorization manager.
      Parameters:
      name - The name of this authorization manager instance.
      implName - The name of the authorization manager plugin.
      config - The configuration store for this authorization manager.
      Throws:
      EBaseException - If an initialization error occurred.
    • shutdown

      void shutdown()
      Prepare this authorization manager for a graceful shutdown. Called when the server is exiting for any cleanup needed.
    • getConfigParams

      String[] getConfigParams() throws EBaseException
      Get configuration parameters for this implementation. The configuration parameters returned is passed to the console so configuration for instances of this implementation can be made through the console.
      Returns:
      a list of names for configuration parameters.
      Throws:
      EBaseException - If an internal error occurred
    • getConfigStore

      ConfigStore getConfigStore()
      Get the configuration store for this authorization manager.
      Returns:
      The configuration store of this authorization manager.
    • getACLs

      Enumeration<IACL> getACLs()
      Get ACL entries
      Returns:
      enumeration of ACL entries.
    • getACL

      IACL getACL(String target)
      Get individual ACL entry for the given name of entry.
      Parameters:
      target - The name of the ACL entry
      Returns:
      The ACL entry.
    • updateACLs

      void updateACLs(String id, String rights, String strACLs, String desc) throws EACLsException
      Update ACLs in the database
      Parameters:
      id - The name of the ACL entry (ie, resource id)
      rights - The allowable rights for this resource
      strACLs - The value of the ACL entry
      desc - The description for this resource
      Throws:
      EACLsException - when update fails.
    • aclEvaluatorElements

      Enumeration<IAccessEvaluator> aclEvaluatorElements()
      Get all registered evaluators.
      Returns:
      All registered evaluators.
    • registerEvaluator

      void registerEvaluator(String type, IAccessEvaluator evaluator)
      Register new evaluator
      Parameters:
      type - Type of evaluator
      evaluator - Value of evaluator
    • getAccessEvaluators

      Hashtable<String,IAccessEvaluator> getAccessEvaluators()
      Return a table of evaluators
      Returns:
      A table of evaluators