Package org.wamblee.security.authorization

The authorization package provides an authorization service that can be used to check whether users have the rights to perform certain operations.

See:
          Description

Interface Summary
AuthorizationRule Represents an authorization rule to determine whether an operation is allowed on a resource.
AuthorizationService Service to determine if access to a certain resource is allowed.
Operation Represents an operation on a resource.
OperationCondition Checks if an operation matches a condition.
OperationRegistry Utility to map between a list of operations and a string based on the names of the operations.
PathCondition Checks if a path satisfies a condition.
UserCondition Condition used to match a user against a specified set of users.
 

Class Summary
AbstractAuthorizationRule Represents an authorization rule to determine whether an operation is allowed on a resource.
AbstractAuthorizationService Service to determine if access to a certain resource is allowed.
AbstractOperationCondition Checks if an operation matches a condition.
AbstractPathCondition Checks if a path satisfies a condition.
AbstractUserCondition Condition used to match a user against a specified set of users.
AllOperation An superclass of all other operations.
AnyUserCondition Matches any user.
AuthorizationInitializer Inititializer class for authorization rules.
CreateOperation Represents an operation to create something.
DefaultAuthorizationService Default implementation of an authorization service.
DefaultOperationRegistry Operation registry implementation.
DeleteOperation Deletes the operation.
GroupUserCondition Checks if a user against a specific group.
IsaOperationCondition Determiens if an operation is a subclass of a specified operation.
ReadOperation Represents a read operation on a resource.
RegexpPathCondition Condition to check whether a path matches a given regula expression.
StartsWithPathCondition Condition to check whether a path starts with a given string.
UrlAuthorizationRule Utility base class for implementation of authentication rules based on the The path of the resource.
WriteOperation Represents a write operation on a resource.
 

Enum Summary
AuthorizationResult Represents the result of an authorization decision.
 

Exception Summary
AuthorizationException Authorization exception to be thrown when a resouce may not be accessed.
 

Package org.wamblee.security.authorization Description

The authorization package provides an authorization service that can be used to check whether users have the rights to perform certain operations.

AuthorizationService is the entry point. There is one POJO based implementation DefaultAuthorizationService. In addition, there is JpaAuthorizationService which caches an authorization service for efficiency (i.e. DefaultAuthorizationService is an entity); The DefaultAuthorizationService uses a number of authorization rules to determine whether access allowed. One generic UrlAuthorizationRule is provided which determines whether a given user can perform a specific operation for a specific resource type at a specific URL is allowed. The authorization service needs to access the current user through the UserAccessor and needs access to the UserAdministration to check whether the user belongs to certain groups.



Copyright © 2021. All Rights Reserved.