KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jbpm > security > Authorization


1 package org.jbpm.security;
2
3 import java.security.*;
4
5 import org.jbpm.*;
6 import org.jbpm.graph.def.*;
7 import org.jbpm.graph.exe.*;
8 import org.jbpm.security.authorizer.*;
9
10 /**
11  * provides central access point to the configurable authorization.
12  * <p>
13  * By default, jBPM does not do authorization checking. To activate
14  * authorization checking, set the property 'jbpm.authorizer' to the
15  * fully qualified class name of an {@link org.jbpm.security.authorizer.Authorizer}
16  * implementation.
17  * </p>
18  * <p>
19  * When an {@link org.jbpm.security.authorizer.Authorizer} is configured,
20  * the jBPM code will call its checkPermission method for security sensitive
21  * workflow operations. The workflow operation being performed will be indicated
22  * with a java.security.Permission.
23  * </p>
24  * <p>
25  * Package org.jbpm.security.authorizer contains a number of {@link org.jbpm.security.authorizer.Authorizer}
26  * implementations and package org.jbpm.security.permission contains the
27  * permissions that are checked by the jBPM code.
28  * </p>
29  */

30 public class Authorization {
31   
32   protected static Authorizer authorizer = (Authorizer) JbpmConfiguration.getObject("jbpm.authorizer", null);
33
34   /**
35    * central method called by the jBPM code to check authorization. This method
36    * will delegate to the configured {@link Authorizer}
37    * @throws AccessControlException if the current authenticated actor is not
38    * authorized.
39    */

40   public static void checkPermission(Permission permission, ProcessDefinition processDefinition, Token token) {
41     if (authorizer!=null) {
42       authorizer.checkPermission(permission, processDefinition, token);
43     }
44   }
45 }
46
Popular Tags