Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.dtolabs.rundeck.core.authorization
Class SubjectAuthContext

java.lang.Object
  extended by com.dtolabs.rundeck.core.authorization.SubjectAuthContext
All Implemented Interfaces:
AuthContext
public class SubjectAuthContext
extends java.lang.Object
implements AuthContext

Wraps a Subject and Authorization to provide AuthContext

Constructor Summary
SubjectAuthContext(javax.security.auth.Subject subject, Authorization authorization)
           
 
Method Summary
 Decision evaluate(java.util.Map<java.lang.String,java.lang.String> resource, java.lang.String action, java.util.Set<Attribute> environment)
          Evaluate the authorization request and return if this request is valid.
 java.util.Set<Decision> evaluate(java.util.Set<java.util.Map<java.lang.String,java.lang.String>> resources, java.util.Set<java.lang.String> actions, java.util.Set<Attribute> environment)
          Make a multiple resource determination.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SubjectAuthContext

public SubjectAuthContext(javax.security.auth.Subject subject,
                          Authorization authorization)
Method Detail

evaluate

public Decision evaluate(java.util.Map<java.lang.String,java.lang.String> resource,
                         java.lang.String action,
                         java.util.Set<Attribute> environment)
Description copied from interface: AuthContext
Evaluate the authorization request and return if this request is valid. Make a single resource determination.

The method is loosely based on the XACML model for structuring requests and response.

These can be prefixed with a fully qualified namespace and ':'.

If anything goes wrong in evaluating the request, the result will be false. No exception will be thrown.

Specified by:
evaluate in interface AuthContext
Parameters:
resource - The properties that identify the resource.
action - A set of actions that are being requested on the resource.
environment - A set of environment properties (hostname, time of day, etc.)
Returns:
decision Return true if the subject's action on the object given the environment is authorized.

evaluate

public java.util.Set<Decision> evaluate(java.util.Set<java.util.Map<java.lang.String,java.lang.String>> resources,
                                        java.util.Set<java.lang.String> actions,
                                        java.util.Set<Attribute> environment)
Description copied from interface: AuthContext
Make a multiple resource determination.

Specified by:
evaluate in interface AuthContext
Returns:
decisions
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD