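/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: Authorizer.java,v 1.2 2008/06/25 05:47:18 qcheng Exp $
 *
 */

package com.sun.identity.liberty.ws.interfaces;

/**
 * Authorization hook used by an identity service to decide whether a web
 * service consumer ({@code WSC}) may query or modify a user's data.
 *
 * <p>Both methods take the same inputs: the WSC credential, the requested
 * action, the data object being accessed, and an environment map keyed by
 * {@link #USER_ID}, {@link #AUTH_TYPE} and {@link #MESSAGE}.
 *
 * <p>NOTE(review): the environment map is a raw {@code java.util.Map}, so
 * nothing in this interface guarantees the type or presence of its values.
 * Implementations should check each value before casting it and should not
 * grant access on the strength of a missing or malformed entry.
 *
 * @supported.all.api
 */
public interface Authorizer {

    /**
     * Key in the environment map passed for policy evaluation. The value
     * stored under this key is the id of the user whose resource is being
     * accessed.
     *
     * <p>NOTE(review): this interface does not show where the caller obtains
     * the id; presumably it comes from the validated request rather than
     * from unauthenticated WSC input. Confirm against the caller.
     */
    public static final String USER_ID = "userID";

    /**
     * Key in the environment map passed for policy evaluation. The value
     * stored under this key is the authentication mechanism the web service
     * consumer used.
     */
    public static final String AUTH_TYPE = "authType";

    /**
     * Key in the environment map passed for policy evaluation. The value
     * stored under this key is a
     * {@code com.sun.identity.liberty.ws.soapbinding.Message}.
     */
    public static final String MESSAGE = "message";


    /**
     * Checks whether the {@code WSC} is authorized to query or modify the
     * selected data.
     *
     * @param credential credential of the {@code WSC}.
     * @param action the requested action.
     * @param data the data object being accessed.
     * @param env a Map holding information useful for policy evaluation.
     *     The following keys are defined and their values should be passed
     *     in:
     *     <ul>
     *       <li>{@code USER_ID}: id of the user whose resource is being
     *           accessed.</li>
     *       <li>{@code AUTH_TYPE}: the authentication mechanism the
     *           {@code WSC} used.</li>
     *       <li>{@code MESSAGE}: a
     *           {@code com.sun.identity.liberty.ws.soapbinding.Message}.</li>
     *     </ul>
     * @return {@code true} if the {@code WSC} is authorized.
     *     NOTE(review): this method declares no checked exception and the
     *     contract does not say what to return when evaluation cannot be
     *     completed; returning {@code false} in that case keeps the check
     *     fail-closed. Confirm against the implementations.
     */
    public boolean isAuthorized(Object credential, String action,
                                Object data, java.util.Map env);

    /**
     * Returns the authorization decision for the given action (query or
     * modify) on the selected data.
     *
     * @param credential credential of the {@code WSC}.
     * @param action the requested action.
     * @param data the data object being accessed.
     * @param env a Map holding information useful for policy evaluation.
     *     The following keys are defined and their values should be passed
     *     in:
     *     <ul>
     *       <li>{@code USER_ID}: id of the user whose resource is being
     *           accessed.</li>
     *       <li>{@code AUTH_TYPE}: the authentication mechanism the
     *           {@code WSC} used.</li>
     *       <li>{@code MESSAGE}: a
     *           {@code com.sun.identity.liberty.ws.soapbinding.Message}.</li>
     *     </ul>
     * @return an {@code AuthorizationDecision} object holding the
     *     authorization decision information for the given resource.
     *     NOTE(review): the declared return type is {@code Object}, so
     *     callers have to check the runtime type themselves; treating
     *     {@code null} or an unexpected type as "not authorized" is the
     *     safe reading. Confirm the concrete class against the callers.
     * @throws Exception if the implementation fails to produce a decision;
     *     the conditions are not specified by this interface. Callers
     *     should not treat a thrown exception as a grant.
     */
    public Object getAuthorizationDecision(
        Object credential,
        String action,
        Object data,
        java.util.Map env)
    throws Exception;

}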