org.systinet.security.policy
Class WASPAccessController

java.lang.Object
  org.systinet.security.policy.WASPAccessController

Direct Known Subclasses:

JAASAccessController

public abstract class WASPAccessController

extends java.lang.Object

WASP Access controller is used by callers to check required permissions through checkPermission method. The decision on which is the access is permitted is implementation-dependent. The getInstance() method returns the singleton instance, you should use this method to get WASPAccessController. If no singleton is available (has not been set), the JAASAccessController is used as a default access controller.

Since:

4.0

Component:

Security-Specific

Field Summary

static java.lang.String	WASP_AC_IMPL the key for the name of WASPAccessController implementation class
static java.lang.String	WASP_POLICY_INSTANCE the key for updateable policy used (optional), used as intialization parameter

Constructor Summary

protected

WASPAccessController(java.util.Map configurationParameters) Initialization of this using given properties.

Method Summary

static void	checkPermission(java.security.Permission perm) Deprecated. use org.idoox.wasp.WaspSecurity.checkPermission for permission checking.
abstract void	checkPermission(javax.security.auth.Subject subject, java.security.Permission perm) Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect and given subject.
static WASPAccessController	getInstance() Get the current instance of WASP access controller.
static void	initSingleton(java.util.Map configurationParameters) Initializes singleton using given parameters.
static void	setSingleton(WASPAccessController controller) Sets the singleton to be used.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

WASP_AC_IMPL

public static final java.lang.String WASP_AC_IMPL

the key for the name of WASPAccessController implementation class

See Also:

Constant Field Values

WASP_POLICY_INSTANCE

public static final java.lang.String WASP_POLICY_INSTANCE

the key for updateable policy used (optional), used as intialization parameter

See Also:

Constant Field Values

Constructor Detail

WASPAccessController

protected WASPAccessController(java.util.Map configurationParameters)

Initialization of this using given properties. Not implemented here, but must be implemented by extenders.

Parameters:

configurationParameters - additional configuration parameters depending on the concrete implementation.

Throws:

java.lang.SecurityException - unable to initialize with given properties

Method Detail

getInstance

public static final WASPAccessController getInstance()

Get the current instance of WASP access controller. If the singleton has not been previously set or initialized, then it is

1. first checked if "wasp.ac.impl" System property is set and if (yes) the initSingleton method is invoked using System properties),
2. if the first step was not successful, JAASAccessController class is used.

JAASAccessController is used.

Returns:

instance of current wasp access controller.

setSingleton

public static final void setSingleton(WASPAccessController controller)
                               throws java.lang.SecurityException

Sets the singleton to be used.

Parameters:

controller - singleton to be used

Throws:

java.lang.SecurityException - singleton is already set

initSingleton

public static final void initSingleton(java.util.Map configurationParameters)
                                throws java.lang.SecurityException

Initializes singleton using given parameters.

Parameters:

configurationParameters - a Map of configuration parameters. It must contain the following keys :

• wasp.ac.impl (string) Class which extends this class
• aditional parameters (given to implementation class)

Throws:

java.lang.SecurityException - singleton is already set, or singleton cannot be initialized

checkPermission

public static final void checkPermission(java.security.Permission perm)
                                  throws java.security.AccessControlException

Deprecated. use org.idoox.wasp.WaspSecurity.checkPermission for permission checking.

Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect and subject from ReceivedCredentials. This method quietly returns if the access request is permitted, or throws a suitable AccessControlException otherwise. Singleton of this class should be initialized before first invocation of this method.

Parameters:

perm - the requested permission (should not be null)

Throws:

java.security.AccessControlException - if the specified permission is not permitted, based on the current security policy.

checkPermission

public abstract void checkPermission(javax.security.auth.Subject subject,
                                     java.security.Permission perm)
                              throws java.security.AccessControlException

Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect and given subject. This method quietly returns if the access request is permitted, or throws a suitable AccessControlException otherwise.

Parameters:

subject - permission is checked for this subject (can be null)

perm - the requested permission (should not be null)

Throws:

java.security.AccessControlException - if the specified permission is not permitted, based on the current security policy.