See: Description
Interface | Description |
---|---|
AuthorizationRule |
Represents an authorization rule to determine whether an operation is allowed
on a resource.
|
AuthorizationService |
Service to determine if access to a certain resource is allowed.
|
Operation |
Represents an operation on a resource.
|
OperationCondition |
Checks if an operation matches a condition.
|
OperationRegistry |
Utility to map between a list of operations and a string based on the names
of the operations.
|
PathCondition |
Checks if a path satisfies a condition.
|
UserCondition |
Condition used to match a user against a specified set of users.
|
Class | Description |
---|---|
AbstractAuthorizationRule |
Represents an authorization rule to determine whether an operation is allowed
on a resource.
|
AbstractAuthorizationService |
Service to determine if access to a certain resource is allowed.
|
AbstractOperationCondition |
Checks if an operation matches a condition.
|
AbstractPathCondition |
Checks if a path satisfies a condition.
|
AbstractUserCondition |
Condition used to match a user against a specified set of users.
|
AllOperation |
An superclass of all other operations.
|
AnyUserCondition |
Matches any user.
|
AuthorizationInitializer |
Inititializer class for authorization rules.
|
CreateOperation |
Represents an operation to create something.
|
DefaultAuthorizationService |
Default implementation of an authorization service.
|
DefaultOperationRegistry |
Operation registry implementation.
|
DeleteOperation |
Deletes the operation.
|
GroupUserCondition |
Checks if a user against a specific group.
|
IsaOperationCondition |
Determiens if an operation is a subclass of a specified operation.
|
ReadOperation |
Represents a read operation on a resource.
|
RegexpPathCondition |
Condition to check whether a path matches a given regula expression.
|
StartsWithPathCondition |
Condition to check whether a path starts with a given string.
|
UrlAuthorizationRule |
Utility base class for implementation of authentication rules based on the
The path of the resource.
|
WriteOperation |
Represents a write operation on a resource.
|
Enum | Description |
---|---|
AuthorizationResult |
Represents the result of an authorization decision.
|
Exception | Description |
---|---|
AuthorizationException |
Authorization exception to be thrown when a resouce may not be accessed.
|
AuthorizationService
is the entry point. There is one POJO based implementation
DefaultAuthorizationService
. In addition, there is JpaAuthorizationService
which caches an authorization service for efficiency (i.e. DefaultAuthorizationService
is an entity);
The DefaultAuthorizationService
uses a number of authorization rules to determine
whether access allowed. One generic UrlAuthorizationRule
is provided which
determines whether a given user can perform a specific operation for a specific resource
type at a specific URL is allowed.
The authorization service needs to access the current user through the
UserAccessor
and needs access to the
UserAdministration
to check whether the
user belongs to certain groups.Copyright © 2022. All rights reserved.