com.ibm.wsspi.security.authorization.saf
Interface SAFAuthorizationService


public interface SAFAuthorizationService

Perform authorization checks against SAF resources.


Method Summary
 boolean isAuthorized(com.ibm.wsspi.security.credentials.saf.SAFCredential safCredential, java.lang.String className, java.lang.String resourceName, AccessLevel accessLevel)
          Determines if the identity represented by the given SAFCredential has the specified access to the given SAF resource in the given SAF class.
 boolean isAuthorized(java.lang.String className, java.lang.String resourceName, AccessLevel accessLevel)
          Determines if the Subject on the calling thread has the specified access to the given SAF resource in the given SAF class.
 boolean isAuthorized(javax.security.auth.Subject subject, java.lang.String className, java.lang.String resourceName, AccessLevel accessLevel)
          Determines if the given Subject has the specified access to the given SAF resource in the given SAF class.
 

Method Detail

isAuthorized

boolean isAuthorized(java.lang.String className,
                     java.lang.String resourceName,
                     AccessLevel accessLevel)
Determines if the Subject on the calling thread has the specified access to the given SAF resource in the given SAF class. This method is protected by WebSphereRuntimePermission with the target name of safAuthorizationService. A java.lang.SecurityException is thrown if Java 2 Security Manager is installed and the code is not granted the permission.

Parameters:
className - The SAF class of the protected resource.
resourceName - The SAF protected resource.
accessLevel - The required access level. If null, the default is AccessLevel.READ.
Returns:
true if the Subject on the calling thread has the required access; otherwise false.
Throws:
java.lang.NullPointerException - if className or resourceName is null.

isAuthorized

boolean isAuthorized(javax.security.auth.Subject subject,
                     java.lang.String className,
                     java.lang.String resourceName,
                     AccessLevel accessLevel)
Determines if the given Subject has the specified access to the given SAF resource in the given SAF class. This method is protected by WebSphereRuntimePermission with the target name of safAuthorizationService. A java.lang.SecurityException is thrown if Java 2 Security Manager is installed and the code is not granted the permission.

Parameters:
subject - The Subject to authorize.
className - The SAF class of the protected resource.
resourceName - The SAF protected resource.
accessLevel - The required access level. If null, the default is AccessLevel.READ.
Returns:
true if the Subject has the required access; otherwise false.
Throws:
java.lang.NullPointerException - if subject, className or resourceName is null.

isAuthorized

boolean isAuthorized(com.ibm.wsspi.security.credentials.saf.SAFCredential safCredential,
                     java.lang.String className,
                     java.lang.String resourceName,
                     AccessLevel accessLevel)
Determines if the identity represented by the given SAFCredential has the specified access to the given SAF resource in the given SAF class. This method is protected by WebSphereRuntimePermission with the target name of safAuthorizationService. A java.lang.SecurityException is thrown if Java 2 Security Manager is installed and the code is not granted the permission.

Parameters:
safCredential - The SAFCredential to authorize.
className - The SAF class of the protected resource.
resourceName - The SAF protected resource.
accessLevel - The required access level. If null, the default is AccessLevel.READ.
Returns:
true if the Subject has the required access; otherwise false.
Throws:
java.lang.NullPointerException - if safCredential, className or resourceName is null.