Authorization


1   package org.jbpm.security;
2   
3   import java.security.*;
4   
5   import org.jbpm.*;
6   import org.jbpm.graph.def.*;
7   import org.jbpm.graph.exe.*;
8   import org.jbpm.security.authorizer.*;
9   
10  /**
11   * provides central access point to the configurable authorization.
12   * <p>
13   * By default, jBPM does not do authorization checking.  To activate 
14   * authorization checking, set the property 'jbpm.authorizer' to the 
15   * fully qualified class name of an {@link org.jbpm.security.authorizer.Authorizer}
16   * implementation.
17   * </p>
18   * <p>
19   * When an {@link org.jbpm.security.authorizer.Authorizer} is configured, 
20   * the jBPM code will call its checkPermission method for security sensitive 
21   * workflow operations.  The workflow operation being performed will be indicated 
22   * with a java.security.Permission.
23   * </p>
24   * <p>
25   * Package org.jbpm.security.authorizer contains a number of {@link org.jbpm.security.authorizer.Authorizer}
26   * implementations and package org.jbpm.security.permission contains the 
27   * permissions that are checked by the jBPM code.
28   * </p>
29   */ 
30  public class Authorization {
31    
32    protected static Authorizer authorizer = (Authorizer) JbpmConfiguration.getObject("jbpm.authorizer", null);
33  
34    /**
35     * central method called by the jBPM code to check authorization.  This method
36     * will delegate to the configured {@link Authorizer}
37     * @throws AccessControlException if the current authenticated actor is not 
38     * authorized.  
39     */
40    public static void checkPermission(Permission permission, ProcessDefinition processDefinition, Token token) {
41      if (authorizer!=null) {
42        authorizer.checkPermission(permission, processDefinition, token);
43      }
44    }
45  }
46
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags