Package org.infinispan.security

Interface AuthorizationManager

All Known Implementing Classes:

AuthorizationManagerImpl, PermissiveAuthorizationManager

public interface AuthorizationManager

The AuthorizationManager is a cache-scoped component which verifies that the Subject associated with the current AccessControlContext, or explicitly specified, has the requested permissions.

Since:

7.0

Author:

Tristan Tarrant

Method Summary

Modifier and Type	Method	Description
void	checkPermission(Subject subject, AuthorizationPermission permission)	Verifies that the Subject has the requested permission.
void	checkPermission(Subject subject, AuthorizationPermission permission, String role)	Verifies that the Subject has the requested permission and role.
void	checkPermission(AuthorizationPermission permission)	Verifies that the Subject associated with the current AccessControlContext has the requested permission.
void	checkPermission(AuthorizationPermission permission, String role)	Verifies that the Subject associated with the current AccessControlContext has the requested permission and role.
void	doIf(Subject subject, AuthorizationPermission permission, Runnable runnable)	Executes the runnable only if the current user has the specified permission
EnumSet<AuthorizationPermission>	getPermissions(Subject subject)	Returns the permissions that the specified Subject has for the cache
AuthorizationPermission	getWritePermission()	Returns the permission required to write to the resource associated with this AuthorizationManager.
boolean	isPermissive()

Method Details

checkPermission

void checkPermission(AuthorizationPermission permission)

Verifies that the Subject associated with the current AccessControlContext has the requested permission. A SecurityException is thrown otherwise.

checkPermission

void checkPermission(Subject subject,
 AuthorizationPermission permission)

Verifies that the Subject has the requested permission. A SecurityException is thrown otherwise.

checkPermission

void checkPermission(AuthorizationPermission permission,
 String role)

Verifies that the Subject associated with the current AccessControlContext has the requested permission and role. A SecurityException is thrown otherwise.

checkPermission

void checkPermission(Subject subject,
 AuthorizationPermission permission,
 String role)

Verifies that the Subject has the requested permission and role. A SecurityException is thrown otherwise.

getPermissions

EnumSet<AuthorizationPermission> getPermissions(Subject subject)

Returns the permissions that the specified Subject has for the cache

getWritePermission

AuthorizationPermission getWritePermission()

Returns the permission required to write to the resource associated with this AuthorizationManager.

doIf

void doIf(Subject subject,
 AuthorizationPermission permission,
 Runnable runnable)

Executes the runnable only if the current user has the specified permission

isPermissive

boolean isPermissive()