org.aselect.agent.authorization
Class AuthorizationEngine

java.lang.Object
  extended by org.aselect.agent.authorization.AuthorizationEngine

public class AuthorizationEngine
extends java.lang.Object

A-Select Agent authorization engine.

Description:
The AuthorizationEngine contains functionality for authorizing users by means of A-Select attributes. This components reads authorization rules from the configuration and can add more evaluation rules during runtime using the addAuthorizationRule method.
The AuthorizationEngine is implemented using the Singleton design pattern.

Concurrency issues:
-

Author:
Alfa & Ariss

Method Summary
static AuthorizationEngine getHandle()
          Get a static handle to the AuthorizationEngine instance.
 boolean init(java.lang.Object oAuthorizationConfig, ConfigManager configManager, SystemLogger systemlogger)
          Initializes the AuthorizationEngine.
 boolean isUserAuthorized(java.lang.String sAppId, java.lang.String sURI, java.util.Hashtable htUserAttributes)
          Check if a user is authorized.
 void setAuthorizationRules(java.lang.String sAppId, java.lang.String[] saIDs, java.lang.String[] saRules, java.lang.String[] saURIs)
          Set authorization rules for an application.
 java.lang.String toString()
          Retrieve a String represenattion of this AuthorizationEngine.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Method Detail

getHandle

public static AuthorizationEngine getHandle()
Get a static handle to the AuthorizationEngine instance.

Description:
Checks if a static instance exists, otherwise it is created. This instance is returned.

Concurrency issues:
-

Preconditions:
-

Postconditions:
One instance of the AuthorizationEngine exists.

Returns:
A static handle to the AuthorizationEngine.

init

public boolean init(java.lang.Object oAuthorizationConfig,
                    ConfigManager configManager,
                    SystemLogger systemlogger)
Initializes the AuthorizationEngine.

Description:
Read configuration settings and initializes the components.

Concurrency issues:
-

Preconditions:
-

Postconditions:
The instance variables and components are initialized.

Parameters:
oAuthorizationConfig - The authorization configuration section.
configManager - The configuration manager.
systemlogger - The systemlogger.
Returns:
true if initialization succeeds, otherwise false.

setAuthorizationRules

public void setAuthorizationRules(java.lang.String sAppId,
                                  java.lang.String[] saIDs,
                                  java.lang.String[] saRules,
                                  java.lang.String[] saURIs)
                           throws ASelectAuthorizationException
Set authorization rules for an application.

Description:
Adds a new authorization rule to the given application. If the application allready contains rules, the rule is appended to this application.

Preconditions:
Postconditions:
The rules are added to the given application in the evaluation rules forrest.

Parameters:
sAppId - The application ID.
saIDs - The rules ID's.
saRules - The authorization rules.
saURIs - The authorization rule URI's.
Throws:
ASelectAuthorizationException - If one or more of the supplied rules are not valid authorization rules.

isUserAuthorized

public boolean isUserAuthorized(java.lang.String sAppId,
                                java.lang.String sURI,
                                java.util.Hashtable htUserAttributes)
                         throws ASelectAuthorizationException
Check if a user is authorized.

Description:
Evaluates the rules of the given application by subtitution of the given user attributrs and validating all rules.
The user is only authorized if all rules of the application apply.

Preconditions:
Postconditions:
-

Parameters:
sAppId - The app_id of the application that the user is authorized for.
sURI - The URI for which the user is authorized.
htUserAttributes - The user attributes.
Returns:
true if the user is authorized to use the given application, otherwise false.
Throws:
ASelectAuthorizationException - If evalution of the rule fails.

toString

public java.lang.String toString()
Retrieve a String represenattion of this AuthorizationEngine.

Overrides:
toString in class java.lang.Object
See Also:
Object.toString()


Copyright © 2008 SURFnet BV. All Rights Reserved.