001/** 002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 003 * 004 * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved 005 * 006 * The contents of this file are subject to the terms 007 * of the Common Development and Distribution License 008 * (the License). You may not use this file except in 009 * compliance with the License. 010 * 011 * You can obtain a copy of the License at 012 * https://opensso.dev.java.net/public/CDDLv1.0.html or 013 * opensso/legal/CDDLv1.0.txt 014 * See the License for the specific language governing 015 * permission and limitations under the License. 016 * 017 * When distributing Covered Code, include this CDDL 018 * Header Notice in each file and include the License file 019 * at opensso/legal/CDDLv1.0.txt. 020 * If applicable, add the following below the CDDL Header, 021 * with the fields enclosed by brackets [] replaced by 022 * your own identifying information: 023 * "Portions Copyrighted [year] [name of copyright owner]" 024 * 025 * $Id $ 026 * 027 */ 028 029package com.sun.identity.wss.security.handler; 030 031import javax.security.auth.Subject; 032import com.sun.identity.wss.security.SecurityMechanism; 033import com.sun.identity.wss.security.SecurityToken; 034import com.sun.identity.wss.security.SecurityException; 035import com.sun.identity.wss.provider.ProviderConfig; 036 037/** 038 * This interface provides a pluggable authorizer for the webservices 039 * to authorize the web service clients. 040 * @supported.all.api 041 */ 042public interface MessageAuthorizer { 043 044 045 /** 046 * Authorizes the web services client. 047 * @param subject authenticated subject. 048 * @param secureMessage the secure SOAPMessage. 049 * If the message security is provided by the WS-I profies, the 050 * secureMessage object is of type 051 * <code>com.sun.identity.wss.security.handler.SecureSOAPMessage</code>. 052 * If the message security is provided by the Liberty ID-WSF 053 * profiles, the secure message is of type 054 * <code>com.sun.identity.liberty.ws.soapbinding.Message</code>. 055 * @param securityMechanism the security mechanism that will be used to 056 * authenticate the web services client. 057 * @param securityToken the security token that is used. 058 * @param config the provider configuration. 059 * @param isLiberty boolean variable to indicate that the message 060 * security is provided by the liberty security profiles. 061 * @exception SecurityException if there is an exception 062 * during authorization. 063 */ 064 public boolean authorize( 065 Subject subject, 066 Object secureMessage, 067 SecurityMechanism securityMechanism, 068 SecurityToken securityToken, 069 ProviderConfig config, 070 boolean isLiberty) throws SecurityException; 071 072}