com.waveset.object
Class AuthContext

java.lang.Object
  extended bycom.waveset.util.AbstractXmlObject
      extended bycom.waveset.object.AuthContext
All Implemented Interfaces:
javax.naming.Referenceable, XmlObject

public class AuthContext
extends AbstractXmlObject

An experimental object used to encapsulate a collection of authorization rules for some external "resource". A resource is any external system or object that can be identified by a string. Typically this string is a URL though this is not a requirement. This was developed as part of early SSO prototypes, it is unclear how this will evolve.


Nested Class Summary
static class AuthContext.Group
          A helper class that represents the collection of authorization definitions associated with a single URL, or wildcard pattern.
static class AuthContext.Member
          A helper class that represents a named group member, either a user or another group.
static class AuthContext.UrlAcl
          A helper class that represents the collection of authorization definitions associated with a single URL, or wildcard pattern.
 
Field Summary
static java.lang.String code_id
           
static java.lang.String ELEMENT
           
 
Fields inherited from class com.waveset.util.AbstractXmlObject
_trace
 
Constructor Summary
AuthContext()
           
AuthContext(org.w3c.dom.Element e)
           
 
Method Summary
 java.lang.String getElementName()
          Return the element name.
 boolean isAuthorized(java.lang.String subject, java.lang.String url)
          Shorthand for simpler checks with a single domain and no query.
 boolean isAuthorized(java.lang.String subject, java.lang.String domain, java.lang.String url, java.lang.String query)
          Tests access to a particular resource by a subject.
 void toXml(java.lang.StringBuffer b, int indent)
          Serialize into a buffer with optional indentation.
 
Methods inherited from class com.waveset.util.AbstractXmlObject
addXmlHeader, cloneObject, dump, dumpFile, getReference, println, setTrace, toIdentityString, toVerboseString, toVerboseString, toXml, toXml, toXml
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

code_id

public static final java.lang.String code_id
See Also:
Constant Field Values

ELEMENT

public static final java.lang.String ELEMENT
See Also:
Constant Field Values
Constructor Detail

AuthContext

public AuthContext()

AuthContext

public AuthContext(org.w3c.dom.Element e)
            throws WavesetException
Method Detail

getElementName

public java.lang.String getElementName()
Description copied from class: AbstractXmlObject
Return the element name.

Specified by:
getElementName in interface XmlObject
Specified by:
getElementName in class AbstractXmlObject

isAuthorized

public boolean isAuthorized(java.lang.String subject,
                            java.lang.String domain,
                            java.lang.String url,
                            java.lang.String query)
                     throws WavesetException
Tests access to a particular resource by a subject. Depending on how or if we integrate this with native Waveset authorization, we may want to allow a Subject object here. Also might need to beef up permissions. Right now we assume "read" is the only thing of interest.

Returns true if the subject has access to this object, otherwise returns false.

Throws an exception only for internal errors.

Throws:
WavesetException

isAuthorized

public boolean isAuthorized(java.lang.String subject,
                            java.lang.String url)
                     throws WavesetException
Shorthand for simpler checks with a single domain and no query.

Throws:
WavesetException

toXml

public void toXml(java.lang.StringBuffer b,
                  int indent)
Description copied from class: AbstractXmlObject
Serialize into a buffer with optional indentation. This must be implemented by the subclass.

Specified by:
toXml in interface XmlObject
Specified by:
toXml in class AbstractXmlObject