Package org.picketbox.plugins.authorization

Class PicketBoxAuthorizationModule

java.lang.Object

org.picketbox.plugins.authorization.PicketBoxAuthorizationModule

All Implemented Interfaces:

AuthorizationModule

public class PicketBoxAuthorizationModule
extends Object
implements AuthorizationModule

Simple Authorization Module that authorizes users with the configured roles Note:The roles need to be placed as a comma separated list of values.

Example:

<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:jboss:security-config:5.0" xmlns="urn:jboss:security-config:5.0" xmlns:jbxb="urn:jboss:security-config:5.0">
<application-policy name = "test">
<authentication>
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required">
<module-option name = "name">1.1</module-option>
<module-option name = "succeed">true</module-option>
<module-option name = "throwEx">false</module-option>
</login-module>
</authentication>
<authorization>
<policy-module
code="org.picketbox.plugins.authorization.PicketBoxAuthorizationModule">
<module-option name="roles">validuser</module-option>
</policy-module>
</authorization>
</application-policy>
</policy>

Constructor Summary

Constructors

Constructor	Description
PicketBoxAuthorizationModule()

Method Summary

Modifier and Type	Method	Description
boolean	abort()	Abort the Authorization Process
int	authorize(Resource resource)	Authorize the resource
boolean	commit()	Overall authorization process has succeeded.
boolean	destroy()	A final cleanup opportunity offered
void	initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup roles)	Initialize the module

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PicketBoxAuthorizationModule

public PicketBoxAuthorizationModule()

Method Detail

abort

public boolean abort()
              throws AuthorizationException

Description copied from interface: AuthorizationModule

Abort the Authorization Process

Specified by:

abort in interface AuthorizationModule

Returns:

true - abort passed, false-otherwise

Throws:

AuthorizationException

authorize

public int authorize(Resource resource)

Description copied from interface: AuthorizationModule

Authorize the resource

Specified by:

authorize in interface AuthorizationModule

Returns:

AuthorizationContext.PERMIT or AuthorizationContext.DENY

commit

public boolean commit()
               throws AuthorizationException

Description copied from interface: AuthorizationModule

Overall authorization process has succeeded. The module can commit any decisions it has made, with third party systems like a database.

Specified by:

commit in interface AuthorizationModule

Returns:

Throws:

AuthorizationException

destroy

public boolean destroy()

Description copied from interface: AuthorizationModule

A final cleanup opportunity offered

Specified by:

destroy in interface AuthorizationModule

Returns:

cleanup by the module passed or not

initialize

public void initialize(Subject subject,
                       CallbackHandler handler,
                       Map<String,Object> sharedState,
                       Map<String,Object> options,
                       RoleGroup roles)

Initialize the module

Specified by:

initialize in interface AuthorizationModule

Parameters:

subject - the authenticated subject

handler - CallbackHandler

sharedState - state shared with other configured modules

options - options specified in the Configuration for this particular module

roles - Roles of the subject