All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.jboss.security.javaee.AbstractWebAuthorizationHelper Maven / Gradle / Ivy

/*
  * JBoss, Home of Professional Open Source
  * Copyright 2007, JBoss Inc., and individual contributors as indicated
  * by the @authors tag. See the copyright.txt in the distribution for a
  * full listing of individual contributors.
  *
  * This is free software; you can redistribute it and/or modify it
  * under the terms of the GNU Lesser General Public License as
  * published by the Free Software Foundation; either version 2.1 of
  * the License, or (at your option) any later version.
  *
  * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
package org.jboss.security.javaee;

import java.security.Principal;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
 
/**
 *  Abstract Web Authorization Helper
 *  @author [email protected]
 *  @since  Apr 17, 2008 
 *  @version $Revision$
 */
public abstract class AbstractWebAuthorizationHelper 
extends AbstractJavaEEHelper
{
   protected boolean enableAudit = false; 
   
   public boolean isEnableAudit()
   {
      return enableAudit;
   }

   public void setEnableAudit(boolean enableAudit)
   {
      this.enableAudit = enableAudit;
   }

   /**
    * Validate that the caller has the permission to access a web resource
    * @param contextMap
    * @param request
    * @param response
    * @param callerSubject
    * @param contextID
    * @param canonicalRequestURI
    * @return true - permitted
    * @throws IllegalArgumentException request, response, callerSubject, contextID or canonicalRequestURI is null
    * @throws IllegalStateException Authorization Manager from Security Context is null
    */
   public abstract boolean checkResourcePermission(
         Map contextMap,
         ServletRequest request, 
         ServletResponse response,
         Subject callerSubject, 
         String contextID,
         String canonicalRequestURI);
   
   /**
    * Validate that the caller has the permission to access a web resource
    * @param contextMap
    * @param request
    * @param response
    * @param callerSubject
    * @param contextID
    * @param canonicalRequestURI
    * @param roles
    * @return true - permitted
    * @throws IllegalArgumentException request, response, callerSubject, contextID or canonicalRequestURI is null
    * @throws IllegalStateException Authorization Manager from Security Context is null
    */
   public abstract boolean checkResourcePermission(
         Map contextMap,
         ServletRequest request, 
         ServletResponse response,
         Subject callerSubject, 
         String contextID,
         String canonicalRequestURI,
         List roles);

   /**
    * Validate that the caller has the required role to access a resource
    * @param roleName
    * @param principal
    * @param servletName
    * @param principalRoles
    * @param contextID
    * @param callerSubject
    * @return
    * @throws IllegalArgumentException roleName, contextID, callerSubject is null
    * @throws IllegalStateException Authorization Manager from Security Context is null
    */
   public abstract boolean hasRole(
         String roleName, 
         Principal principal, 
         String servletName, 
         Set principalRoles,  
         String contextID,
         Subject callerSubject);
   
   /**
    * Validate that the caller has the required role to access a resource
    * @param roleName
    * @param principal
    * @param servletName
    * @param principalRoles
    * @param contextID
    * @param callerSubject
    * @param roles
    * @return
    * @throws IllegalArgumentException roleName, contextID, callerSubject is null
    * @throws IllegalStateException Authorization Manager from Security Context is null
    */
   public abstract boolean hasRole(
         String roleName, 
         Principal principal, 
         String servletName, 
         Set principalRoles,  
         String contextID,
         Subject callerSubject,
         List roles);
   
   /**
    * Validate whether the transport constraints are met by the caller
    * @param contextMap
    * @param request
    * @param response
    * @param contextID
    * @param callerSubject
    * @return
    * @throws IllegalArgumentException request, response, callerSubject or contextID is null
    * @throws IllegalStateException Authorization Manager from Security Context is null
    */
   public abstract boolean hasUserDataPermission(
         Map contextMap,
         ServletRequest request, 
         ServletResponse response, 
         String contextID,
         Subject callerSubject);
   
   /**
    * Validate whether the transport constraints are met by the caller
    * @param contextMap
    * @param request
    * @param response
    * @param contextID
    * @param callerSubject
    * @param roles
    * @return
    * @throws IllegalArgumentException request, response, callerSubject or contextID is null
    * @throws IllegalStateException Authorization Manager from Security Context is null
    */
   public abstract boolean hasUserDataPermission(
         Map contextMap,
         ServletRequest request, 
         ServletResponse response, 
         String contextID,
         Subject callerSubject,
         List roles);
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy