KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > objectweb > easybeans > api > EZBPermissionManager


1 /**
2  * EasyBeans
3  * Copyright (C) 2006 Bull S.A.S.
4  * Contact: easybeans@objectweb.org
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19  * USA
20  *
21  * --------------------------------------------------------------------------
22  * $Id: EZBPermissionManager.java 1152 2006-10-11 14:07:37Z benoitf $
23  * --------------------------------------------------------------------------
24  */

25
26 package org.objectweb.easybeans.api;
27
28 /**
29  * Class that is linked to an EasyBeans factory and manages the check of the
30  * security.
31  * @author Florent Benoit
32  */

33 public interface EZBPermissionManager {
34
35     /**
36      * Checks the security for the given invocation context.
37      * @param invocationContext the context to check.
38      * @param runAsBean if true, the bean is a run-as bean.
39      * @return true if the access has been granted, else false.
40      */

41     boolean checkSecurity(final EasyBeansInvocationContext invocationContext, boolean runAsBean);
42
43     /**
44      * Test if the caller has a given role. EJBRoleRefPermission object must be
45      * created with ejbName and actions equal to roleName<br/>
46      * See section 4.3.2 of JACC
47      * @param ejbName The name of the EJB on wich look role
48      * @param roleName The name of the security role. The role must be one of
49      * the security-role-ref that is defined in the deployment
50      * descriptor.
51      * @param inRunAs bean calling this method is running in run-as mode or not ?
52      * @return True if the caller has the specified role.
53      */

54     boolean isCallerInRole(final String JavaDoc ejbName, final String JavaDoc roleName, final boolean inRunAs);
55
56     /**
57      * 3.1.5 Translating EJB Deployment Descriptors<br>
58      * A reference to a PolicyConfiguration object must be obtained by calling
59      * the getPolicyConfiguration method on the PolicyConfigurationFactory
60      * implementation class of the provider configured into the container. The
61      * policy context identifier used in the call to getPolicyConfiguration must
62      * be a String that satisfies the requirements described in Section 3.1.4,
63      * EJB Policy Context Identifiers, on page 28. The value true must be passed
64      * as the second parameter in the call to getPolicyConfiguration to ensure
65      * that any and all policy statements are removed from the policy context
66      * associated with the returned PolicyConfiguration. The method-permission,
67      * exclude-list, and security-role-ref elements appearing in the deployment
68      * descriptor must be translated into permissions and added to the
69      * PolicyConfiguration object to yield an equivalent translation as that
70      * defined in the following sections and such that every EJB method for
71      * which the container performs pre-dispatch access decisions is implied by
72      * at least one permission resulting from the translation.
73      * @throws PermissionManagerException if permissions can't be set
74      */

75     void translateMetadata() throws PermissionManagerException;
76
77
78     /**
79      * Commit the Policy Configuration.
80      * @throws PermissionManagerException if commit can't be done
81      */

82     void commit() throws PermissionManagerException;
83
84 }
85
Popular Tags