AuthorizationManager


1   /*
2   jGuard is a security framework based on top of jaas (java authentication and authorization security).
3   it is written for web applications, to resolve simply, access control problems.
4   version $Name$
5   http://sourceforge.net/projects/jguard/
6   
7   Copyright (C) 2004  Charles GAY
8   
9   This library is free software; you can redistribute it and/or
10  modify it under the terms of the GNU Lesser General Public
11  License as published by the Free Software Foundation; either
12  version 2.1 of the License, or (at your option) any later version.
13  
14  This library is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  Lesser General Public License for more details.
18  
19  You should have received a copy of the GNU Lesser General Public
20  License along with this library; if not, write to the Free Software
21  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
22  
23  
24  jGuard project home page:
25  http://sourceforge.net/projects/jguard/
26  
27  */
28  package net.sf.jguard.ext.authorization.manager;
29  
30  import java.io.IOException  ;
31  import java.io.OutputStream  ;
32  import java.security.Permission  ;
33  import java.security.Principal  ;
34  import java.util.Collection  ;
35  import java.util.List  ;
36  import java.util.Map  ;
37  import java.util.Set  ;
38  
39  import net.sf.jguard.core.authorization.manager.PermissionProvider;
40  import net.sf.jguard.core.authorization.permissions.Domain;
41  import net.sf.jguard.core.authorization.permissions.JGPermissionCollection;
42  import net.sf.jguard.ext.authorization.AuthorizationException;
43  
44  /**
45   * retrieve user's permissions.
46   * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
47   * @author <a HREF="mailto:vinipitta@users.sourceforge.net">Vinicius Pitta Lima de Araujo</a>
48   * @author <a HREF="mailto:tandilero@users.sourceforge.net">Maximiliano Batelli</a>
49   */
50  public interface AuthorizationManager extends PermissionProvider {
51  
52      
53      
54       /**
55       * Init AuthorizationManager implementation with a parameters map.
56       *
57       * @param options - map value for options
58       */
59      public void init(Map   options);
60      
61     
62      
63      
64      /**
65       * return needed initialization parameters.
66       * @return parameters list.
67       */
68      public  List   getInitParameters();
69  
70      
71  
72      /**
73       * create an URLPermission giving a url and a domain
74       * @param url
75       * @param domainName
76       * @throws AuthorizationException
77       */
78      public void createPermission(Permission   url,String   domainName) throws AuthorizationException;
79  
80      public Permission   readPermission(String   permissionName)throws AuthorizationException;
81  
82      public void updatePermission (String   oldPermissionName, Permission   url,String   newDomainName) throws AuthorizationException;
83  
84      public void deletePermission (String   permissionName)throws AuthorizationException;
85  
86      public JGPermissionCollection listPermissions();
87  
88      public void createDomain(String   domainName) throws AuthorizationException;
89  
90      public JGPermissionCollection readDomain(String   domainName)throws AuthorizationException;
91  
92      public void updateDomain (String   newName,String   oldName) throws AuthorizationException;
93  
94      public void deleteDomain (String   domainName)throws AuthorizationException;
95  
96      public Set   listDomains()throws AuthorizationException;
97  
98      public void createPrincipal(Principal   principal)throws AuthorizationException;
99  
100     /**
101      * Clone a Principal with a random name
102      * @param roleName Principal name to clone
103      * @return cloned Principal with a different name: roleName + Random integer betweeen 0 and 99999
104      * @throws AuthorizationException
105      */
106     public Principal   clonePrincipal(String   roleName) throws AuthorizationException;
107     /**
108      * Clone a Principal. If Principal is instance of RolePrincipal makes a call to the clone method leting the clone task to RolePrincipal
109      * @param roleName Principal name to clone
110      * @param cloneName Principal cloned name
111      * @return cloned Principal with the given cloneName
112      * @throws AuthorizationException
113      */
114     public Principal   clonePrincipal(String   roleName, String   cloneName) throws AuthorizationException;
115 
116     public Principal   readPrincipal(String   roleName)throws AuthorizationException;
117 
118     /**
119      * update the application Principal (role).
120      * @param oldPrincipalName the name the principal had
121      * @param principal the new principal updated
122      * @see net.sf.jguard.ext.authorization.manager.AuthorizationManager#updatePrincipal(net.sf.jguard.core.principals.RolePrincipal)
123      * @throws AuthorizationException
124      */
125     public void updatePrincipal(String   oldPrincipalName, Principal   principal) throws AuthorizationException;
126 
127     public void deletePrincipal (Principal   principal)throws AuthorizationException;
128 
129     public Set   listPrincipals();
130 
131     public Set   getDomains (Collection   domainNames);
132 
133     public Set   getPermissions (Collection   permissionNames);
134 
135     public void addToPrincipal(String   roleName, Permission   perm)throws AuthorizationException;
136 
137     public void addToPrincipal(String   roleName, Domain domain)throws AuthorizationException;
138 
139     /* RBAC Role General Hierarchical model specific methods */
140 
141     /**
142      * This commands establishes a new immediate inheritance relationship
143      * between the existing principals roleAsc and the roleDesc.
144      * The command is valid if and only if the role roleAsc is not an immediate
145      * ascendant of roleDesc, and descendant does
146      * not properly inherit roleAsc role (in order to avoid cycle creation).
147      *
148      * @param roleAscName  the role that will inherite.
149      * @param roleDescName the role that will be inherited.
150      * @throws AuthorizationException if the inheritance already exists or create a cycle.
151      */
152     public void addInheritance(String   roleAscName, String   roleDescName) throws AuthorizationException;
153 
154     /**
155      * Delete the existing inheritance beteween roleAsc and roleDesc.
156      *
157      * @param roleAscName
158      * @param roleDescName
159      * @throws AuthorizationException
160      */
161     public void deleteInheritance(String   roleAscName, String   roleDescName) throws AuthorizationException;
162 
163     /**
164      * replace the inital principal with the new one.
165      * @param principal RolePrincipal updated
166      * @throws AuthorizationException
167      * @see net.sf.jguard.ext.authorization.manager.AuthorizationManager#updatePrincipal(net.sf.jguard.core.principals.RolePrincipal)
168      */
169     public void updatePrincipal(Principal   principal) throws AuthorizationException;
170 
171 
172     /**
173      * return an unmodifiable Domain Set.
174      * @return
175      */
176     public Set   getDomainsSet();
177 
178     /**
179      * return an unmodifiable Principal Set.
180      * @return
181      */
182     public Set   getPrincipalsSet();
183 
184     /**
185      * return an unmodifiable Permissions Set.
186      * @return
187      */
188     public Set   getPermissionsSet();
189 
190      public boolean isEmpty();
191      
192       public void importAuthorizationManager(AuthorizationManager authorizationManager)throws AuthorizationException;
193         
194 }
195
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags