Package com.netscape.certsrv.evaluators
Interface IAccessEvaluator
- All Known Implementing Classes:
GroupAccessEvaluator
,IPAddressAccessEvaluator
,UserAccessEvaluator
,UserOrigReqAccessEvaluator
public interface IAccessEvaluator
A class represents an evaluator. An evaluator is used to
evaluate an expression. For example, one can write an evaluator to
evaluate if a user belongs to a certain group. An evaluator is
generally used for access control expression evaluation, however, it
can be used for other evaluation-related operations.
- Version:
- $Revision$, $Date$
-
Method Summary
Modifier and TypeMethodDescriptionboolean
evaluate
(IAuthToken authToken, String type, String op, String value) Evaluates if the given value satisfies the access control in authToken obtained from Authentication.boolean
Evaluates if the given value satisfies the access control in current context.Gets the description of the evaluatorString[]
Get the supported operators for this evaluatorgetType()
Gets the type of the evaluator.void
init()
Initialize the evaluator
-
Method Details
-
init
void init()Initialize the evaluator -
getType
String getType()Gets the type of the evaluator. Type is defined by each evaluator plugin. Each evaluator plugin should have a unique type.- Returns:
- type of the evaluator
-
getDescription
String getDescription()Gets the description of the evaluator- Returns:
- a text description for this evaluator
-
evaluate
Evaluates if the given value satisfies the access control in current context.- Parameters:
type
- Type of the evaluator, eg, user, group etcop
- Operator of the evaluator, eg, =, !=value
- Part of the expression that can be used to evaluate, e.g, value can be the name of the group if the purpose of the evaluator is to evaluate if the user is a member of the group.- Returns:
- true if the evaluation expression is matched; false otherwise.
-
evaluate
Evaluates if the given value satisfies the access control in authToken obtained from Authentication.- Parameters:
authToken
- Authentication tokentype
- Type of the evaluator, eg, user, group etcop
- Operator of the evaluator, eg, =, !=value
- Part of the expression that can be used to evaluate, e.g, value can be the name of the group if the purpose of the evaluator is to evaluate if the user is a member of the group.- Returns:
- true if the evaluation expression is matched; false otherwise.
-
getSupportedOperators
String[] getSupportedOperators()Get the supported operators for this evaluator- Returns:
- Supported operators in string array
-