/** * @see AbstractAuthorizationModule#authorize(Resource) */ public int authorize(Resource resource) { return this.invokeDelegate(resource); } }
/** * @see AuthorizationModule#authorize(Resource) */ public int authorize(Resource resource) { return this.invokeDelegate(resource); } }
/** * @see AbstractAuthorizationModule#authorize(Resource) */ public int authorize(Resource resource) { return this.invokeDelegate(resource); } }
/** * Subclasses can use this method to leave the authorization * decision to the delegate configured */ protected int invokeDelegate(Resource resource) { int authorizationDecision = AuthorizationContext.DENY; ResourceType layer = resource.getLayer(); String delegateStr = (String)delegateMap.get(layer); if(delegateStr == null) throw new IllegalStateException("Delegate is missing for layer="+layer); AuthorizationModuleDelegate delegate = null; try { delegate = getDelegate(delegateStr); authorizationDecision = delegate.authorize(resource,this.subject, this.role); } catch(Exception e) { log.debug("Error with delegate:",e); IllegalStateException ise = new IllegalStateException(e.getLocalizedMessage()); ise.initCause(e); throw ise; } return authorizationDecision; }
protected Principal[] getPrincipals(Subject subject, Role role) { Set<Principal> principalsSet = null; if(role != null) { principalsSet = getPrincipalSetFromRole(role); } Principal[] arr = null; if(principalsSet != null) { arr = new Principal[principalsSet.size()]; principalsSet.toArray(arr); } return arr; }
/** * Load the delegate * @param delegateStr FQN of the delegate * @return Delegate Instance * @throws Exception */ protected AuthorizationModuleDelegate getDelegate(String delegateStr) throws Exception { ClassLoader tcl = SecurityActions.getContextClassLoader(); Class<?> clazz = tcl.loadClass(delegateStr); return (AuthorizationModuleDelegate)clazz.newInstance(); }
/** * @see AuthorizationModule#initialize(Subject, CallbackHandler, Map, Map, Role) */ public void initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup subjectRole) { this.subject = subject; this.handler = handler; this.sharedState = sharedState; this.options = options; //Check if there is a delegate map via options if(options != null) { String commaSeparatedDelegates = (String)options.get("delegateMap"); if(commaSeparatedDelegates != null && commaSeparatedDelegates.length() > 0) populateDelegateMap(commaSeparatedDelegates); } this.role = subjectRole; }
/** * Subclasses can use this method to leave the authorization * decision to the delegate configured */ protected int invokeDelegate(Resource resource) { int authorizationDecision = AuthorizationContext.DENY; ResourceType layer = resource.getLayer(); String delegateStr = (String)delegateMap.get(layer); if(delegateStr == null) throw PicketBoxMessages.MESSAGES.missingDelegateForLayer(layer != null ? layer.toString() : null); AuthorizationModuleDelegate delegate = null; try { delegate = getDelegate(delegateStr); authorizationDecision = delegate.authorize(resource,this.subject, this.role); } catch(Exception e) { IllegalStateException ise = new IllegalStateException(e.getLocalizedMessage()); ise.initCause(e); throw ise; } return authorizationDecision; }
/** * @see AbstractAuthorizationModule#authorize(Resource) */ public int authorize(Resource resource) { return this.invokeDelegate(resource); } }
/** * @see AuthorizationModule#authorize(Resource) */ public int authorize(Resource resource) { return this.invokeDelegate(resource); } }
/** * @see AbstractAuthorizationModule#authorize(Resource) */ public int authorize(Resource resource) { return this.invokeDelegate(resource); } }
protected Principal[] getPrincipals(Subject subject, Role role) { Set<Principal> principalsSet = null; if(role != null) { principalsSet = getPrincipalSetFromRole(role); } Principal[] arr = null; if(principalsSet != null) { arr = new Principal[principalsSet.size()]; principalsSet.toArray(arr); } return arr; }
/** * Load the delegate * @param delegateStr FQN of the delegate * @return Delegate Instance * @throws Exception */ protected AuthorizationModuleDelegate getDelegate(String delegateStr) throws Exception { Class<?> clazz = clazzMap.get(delegateStr); if(clazz == null) { try { clazz = getClass().getClassLoader().loadClass(delegateStr); } catch (Exception e) { ClassLoader tcl = SecurityActions.getContextClassLoader(); clazz = tcl.loadClass(delegateStr); } clazzMap.put(delegateStr, clazz); } return (AuthorizationModuleDelegate)clazz.newInstance(); }
/** * @see AuthorizationModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map, org.jboss.security.identity.RoleGroup) */ public void initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup subjectRole) { this.subject = subject; this.handler = handler; this.sharedState = sharedState; this.options = options; //Check if there is a delegate map via options if(options != null) { String commaSeparatedDelegates = (String)options.get("delegateMap"); if(commaSeparatedDelegates != null && commaSeparatedDelegates.length() > 0) populateDelegateMap(commaSeparatedDelegates); } this.role = subjectRole; }