Policy2UpdateablePolicy (WSO2 SOA Enablement Server for Java 6.6 API)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.systinet.security.policy
Class Policy2UpdateablePolicy

java.lang.Object
  javax.security.auth.Policy
      org.systinet.security.policy.UpdateablePolicy
          org.systinet.security.policy.Policy2UpdateablePolicy

public class Policy2UpdateablePolicy
extends UpdateablePolicy

This is a wrapper class for representing the updateable policy using JAAS policy. Extension methods (those that are not in standard Java Policy) always throw AccessControlException with the unsupported information message, unless the wrapped policy is not instance of UpdateablePolicy (then the behaviour is left to the nested one).

Since:: 4.0
Component:: Security-Specific

Field Summary

Fields inherited from class org.systinet.security.policy.UpdateablePolicy

WASP_POLICY_CHECKER, WASP_POLICY_IMPL

Constructor Summary
`Policy2UpdateablePolicy(java.util.Map initParams)` Wrapps JAAS Policy into an updatable policy.
`Policy2UpdateablePolicy(javax.security.auth.Policy policy)` Wrapps given policy into an updatable policy.

Method Summary
`boolean`	`addPermission(java.security.CodeSource cs, java.security.Principal principal, java.security.Permission permission)` Adds a single permission to specified principal.
`void`	`addPermissions(java.security.CodeSource cs, java.security.Principal principal, java.security.PermissionCollection collection)` Adds collection of permissions to specified principal.
`boolean`	`addPermissionToRole(java.lang.String roleName, java.security.Permission permission)` Adds permission to role.
`java.security.PermissionCollection`	`getPermissions(javax.security.auth.Subject subject, java.security.CodeSource codesource)` Retrieve the Permissions granted to the Principals associated with the specified CodeSource, always returns a collection containg AllPermissons .
`PrincipalEntries`	`getPrincipalEntries()` Returns enumeration of all principal entries.
`PrincipalEntries`	`getPrincipalEntries(java.security.Permission perm)` Returns enumeration of principal entries that are granted with specified atomic permission.
`java.security.PermissionCollection`	`getPrincipalPermissions(java.security.CodeSource cs, java.security.Principal principal)` Returns permissions associated with the principal, also with permissions inheritted from roles.
`java.security.PermissionCollection`	`getPrincipalPermissions(java.security.CodeSource cs, java.security.Principal principal, boolean roleInheritted)` Returns permissions associated with the principal, optionally without permissions inheritted from roles.
`java.util.Iterator`	`getRoleNames()` Returns iterator of role names.
`java.security.PermissionCollection`	`getRolePermissions(java.lang.String roleName)` Get permissions owned by role.
`boolean`	`isRoleManager()` It tests, whether this policy can manage roles or not.
`boolean`	`isUpdatable()` It tests, whether this policy is really updateable or read-only.
`void`	`refresh()` Refreshes and reloads the Policy.
`boolean`	`removePermission(java.security.CodeSource cs, java.security.Principal principal, java.security.Permission permission)` Removes permission from specified principal.
`boolean`	`removePermissionFromRole(java.lang.String roleName, java.security.Permission permission)` Removes permission from role.

Methods inherited from class org.systinet.security.policy.UpdateablePolicy

createRole, deleteRole, destroy, getUpdateablePolicy, initSingleton, setUpdateablePolicy

Methods inherited from class javax.security.auth.Policy

getPolicy, setPolicy

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Policy2UpdateablePolicy

public Policy2UpdateablePolicy(java.util.Map initParams)

Wrapps JAAS Policy into an updatable policy.
Parameters:: initParams - not used, but required by WASP for construction using reflection API

Policy2UpdateablePolicy

public Policy2UpdateablePolicy(javax.security.auth.Policy policy)

Wrapps given policy into an updatable policy.
Parameters:: policy - the policy to wrap

Method Detail

isUpdatable

public boolean isUpdatable()

It tests, whether this policy is really updateable or read-only. The behaviour is left to the nested policy. If it is able to manage prinicapl entries, it returns true, otherwise it returns false.

Specified by:: isUpdatable in class UpdateablePolicy

Returns:: false if it is read-only, true if it is updatable (principal oriented methods are fully supported)

isRoleManager

public boolean isRoleManager()

It tests, whether this policy can manage roles or not. The behaviour depends on nested policy. If it is able to manages roles, that it returns true, otherwise it returns false.

Specified by:: isRoleManager in class UpdateablePolicy

Returns:: false if it cannot manage roles, true if it can (role oriented methods are fully supported)

refresh

public void refresh()

Refreshes and reloads the Policy. This is implementation-dependent. For example, if the Policy object is stored in a file, calling refresh will cause the file to be re-read.

Specified by:: refresh in class UpdateablePolicy

Throws:: java.lang.SecurityException - if the caller does not have permission to refresh the Policy.

getPermissions

public java.security.PermissionCollection getPermissions(javax.security.auth.Subject subject,
                                                         java.security.CodeSource codesource)

Retrieve the Permissions granted to the Principals associated with the specified CodeSource, always returns a collection containg AllPermissons .

Specified by:: getPermissions in class UpdateablePolicy

Parameters:: subject - the Subject whose associated Principals, in conjunction with the provided CodeSource, determines the Permissions returned by this method. This parameter may be null.; codesource - the code specified by its CodeSource that determines, in conjunction with the provided Subject, the Permissions returned by this method. This parameter may be null.
Returns:: the Collection of Permissions granted to all the Subject and code specified in the provided subject and cs parameters.

addPermissions

public void addPermissions(java.security.CodeSource cs,
                           java.security.Principal principal,
                           java.security.PermissionCollection collection)
                    throws java.security.AccessControlException

Adds collection of permissions to specified principal.

Specified by:: addPermissions in class UpdateablePolicy

Parameters:: principal - principal; cs - codesource for this permission (can be null); collection - collection of permissions to be added to <principal, code source> pair
Throws:: java.security.AccessControlException - the policy is read only or the caller is not authorized to invoke this method

addPermission

public boolean addPermission(java.security.CodeSource cs,
                             java.security.Principal principal,
                             java.security.Permission permission)
                      throws java.security.AccessControlException

Adds a single permission to specified principal.

Specified by:: addPermission in class UpdateablePolicy

Parameters:: cs - codesource for this permission (can be null); principal - principal; permission - permission to add
Returns:: true if the permission was added, false if it cannot be added, because the principal already owns the permission.
Throws:: java.security.AccessControlException - access control rules disallows to perform requested operation

removePermission

public boolean removePermission(java.security.CodeSource cs,
                                java.security.Principal principal,
                                java.security.Permission permission)
                         throws java.security.AccessControlException

Removes permission from specified principal.

Specified by:: removePermission in class UpdateablePolicy

Parameters:: cs - codesource for this permission (can be null); principal - principal; permission - the permission has to match exactly (tested through equals method) to one of the permissions already assigned to the principal.
Returns:: true if the permission was removed, false if it cannot be removed, because the principal does not own the permission.
Throws:: java.security.AccessControlException - access control rules disallows to perform requested operation

getPrincipalPermissions

public java.security.PermissionCollection getPrincipalPermissions(java.security.CodeSource cs,
                                                                  java.security.Principal principal)
                                                           throws java.security.AccessControlException

Returns permissions associated with the principal, also with permissions inheritted from roles.

Specified by:: getPrincipalPermissions in class UpdateablePolicy

Parameters:: cs - codesource for this permission (can be null); principal - principal (can be null)
Returns:: principal collection associated only with the given principal
Throws:: java.security.AccessControlException - access control rules disallows to perform requested operation

getPrincipalPermissions

public java.security.PermissionCollection getPrincipalPermissions(java.security.CodeSource cs,
                                                                  java.security.Principal principal,
                                                                  boolean roleInheritted)
                                                           throws java.security.AccessControlException

Returns permissions associated with the principal, optionally without permissions inheritted from roles.

Specified by:: getPrincipalPermissions in class UpdateablePolicy

Parameters:: cs - codesource for this permission (can be null); principal - principal (can be null); roleInheritted - true means that the returned permissions also contain permissions inheritted principal's roles
Returns:: principal collection associated only with the given principal
Throws:: java.security.AccessControlException - access control rules disallows to perform requested operation

getPrincipalEntries

public PrincipalEntries getPrincipalEntries()
                                     throws java.security.AccessControlException

Returns enumeration of all principal entries.

Specified by:: getPrincipalEntries in class UpdateablePolicy

Returns:: enumeration of principal entries, each entry contains principal permissions (without those, which are inheritted from roles)
Throws:: java.security.AccessControlException - access control rules disallows to perform requested operation

getPrincipalEntries

public PrincipalEntries getPrincipalEntries(java.security.Permission perm)
                                     throws java.security.AccessControlException

Returns enumeration of principal entries that are granted with specified atomic permission. The permission is atomic if both its name and actions are not composed values.

Specified by:: getPrincipalEntries in class UpdateablePolicy

Parameters:: perm - permission act as filter for the constructed result
Returns:: enumeration of principal entries, each entry contains principal permissions (without those, which are inheritted from roles)
Throws:: java.security.AccessControlException - access control rules disallows to perform requested operation

getRoleNames

public java.util.Iterator getRoleNames()

Returns iterator of role names.

Specified by:: getRoleNames in class UpdateablePolicy

Returns:: iterator of role names (string values)

addPermissionToRole

public boolean addPermissionToRole(java.lang.String roleName,
                                   java.security.Permission permission)

Adds permission to role.

Specified by:: addPermissionToRole in class UpdateablePolicy

Parameters:: roleName - role name; permission - permission to add, can be null to cteate empty role entry
Returns:: true if the permission was added, false if it cannot be added
Throws:: java.security.AccessControlException - the caller is not authorized to invoke this method

removePermissionFromRole

public boolean removePermissionFromRole(java.lang.String roleName,
                                        java.security.Permission permission)

Removes permission from role.

Specified by:: removePermissionFromRole in class UpdateablePolicy

Parameters:: roleName - role name; permission - permission to remove (can be null to remove the role) , the permission has to match exactly (tested through equals method) to one of the permissions already assigned to the role.
Returns:: true, if the permission was removed; false if it cannot be added
Throws:: java.security.AccessControlException - the caller is not authorized to invoke this method

getRolePermissions

public java.security.PermissionCollection getRolePermissions(java.lang.String roleName)

Get permissions owned by role.

Specified by:: getRolePermissions in class UpdateablePolicy

Parameters:: roleName - role name
Returns:: permission collection containing enumeration of role permissions
Throws:: java.security.AccessControlException - the caller is not authorized to invoke this method

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.systinet.security.policy Class Policy2UpdateablePolicy

Policy2UpdateablePolicy

Policy2UpdateablePolicy

isUpdatable

isRoleManager

refresh

getPermissions

addPermissions

addPermission

removePermission

getPrincipalPermissions

getPrincipalPermissions

getPrincipalEntries

getPrincipalEntries

getRoleNames

addPermissionToRole

removePermissionFromRole

getRolePermissions

org.systinet.security.policy
Class Policy2UpdateablePolicy