org.systinet.security.policy (WSO2 SOA Enablement Server for Java 6.6 API)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV PACKAGE NEXT PACKAGE

FRAMES NO FRAMES

Package org.systinet.security.policy

Provides classes necessary to control policy, permissions and roles.

See:
Description

Interface Summary
PrincipalEntries	Represents an enumeration of principal entries available in updatable policy.

Class Summary
AcceptingUpdateablePolicy	Acts as a read-only updatable policy, which grants all permissons to any principal.
JAASAccessController	JAAS access controller uses standard JAAS authorization to check if the caller has sufficient priviledges.
Policy2UpdateablePolicy	This is a wrapper class for representing the updateable policy using JAAS policy.
UpdateablePolicy	This is an abstract class for representing the updateable policy for Subject-based authorization.
WASPAccessController	WASP Access controller is used by callers to check required permissions through `checkPermission` method.

Package org.systinet.security.policy Description

Provides classes necessary to control policy, permissions and roles. Authorization model in WASP is built upon JAAS and Java Security API, it uses standard Java security classes such as Principal, Permission, Subject. The functionality of standard Java security is extended to provide better control of Policy , including runtime management and roles.

Classes UpdateablePolicy and WASPAccessController enables access control for Wasp Server.

UpdateablePolicy class extends java.security.Policy and provides methods allowing for the management of roles and the modification of permission assignments (both to roles and users) during runtime. Not all the methods of the updatable policy must be implemented, only the methods inherited from JAAS Policy and metadata methods (canManageRoles and isUpdateable) are required.

WASPAccessController class checks the permissions of the invoking client. More specifically, its static checkPermission method checks if the subject contained in received credentials is granted the desired permission.

Wasp enables creating and managing of roles. Management of roles is available through role-oriented methods in the updatable policy. Each role must have a unique name and can contain any Java permission (except the WASPRole permission), that is used to assign a role to a principal. A subject based principal collection query result (UpdateablePolicy.getPermissions) always returns a union of its principal permissions.