Package digilib.auth
Class AuthzOpsImpl
- java.lang.Object
-
- digilib.auth.AuthzOpsImpl
-
- All Implemented Interfaces:
AuthzOps
- Direct Known Subclasses:
MetaAccessAuthzOps
,PathAuthzOps
public abstract class AuthzOpsImpl extends Object implements AuthzOps
Basic implementation of AuthOps interface. Provides basic implementations. Only rolesForPath needs to be implemented by specific implementations.
-
-
Constructor Summary
Constructors Constructor Description AuthzOpsImpl()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description abstract void
init(DigilibConfiguration dlConfig)
Configure this AuthzOps instance.boolean
isAuthorizationRequired(DigilibRequest request)
Test if the request must be authorized to access the filepath.boolean
isAuthorized(DigilibRequest request)
Test if the request is authorized to access filepath.boolean
isRoleAuthorized(List<String> rolesRequired, DigilibServletRequest request)
Test request authorization against a list of roles.abstract List<String>
rolesForPath(DigilibServletRequest request)
Authorization roles needed for request.
-
-
-
Field Detail
-
logger
protected static final org.slf4j.Logger logger
general logger for this class
-
authnOps
protected AuthnOps authnOps
authentication instance
-
-
Method Detail
-
init
public abstract void init(DigilibConfiguration dlConfig) throws AuthOpException
Description copied from interface:AuthzOps
Configure this AuthzOps instance.- Specified by:
init
in interfaceAuthzOps
- Parameters:
dlConfig
- current DigilibConfiguration- Throws:
AuthOpException
- Exception thrown on error
-
isAuthorizationRequired
public boolean isAuthorizationRequired(DigilibRequest request) throws AuthOpException
Description copied from interface:AuthzOps
Test if the request must be authorized to access the filepath. Information about the user is taken from the DigilibRequest.- Specified by:
isAuthorizationRequired
in interfaceAuthzOps
- Parameters:
request
- DigilibRequest with user information.- Returns:
- true if the user request must be authorized.
- Throws:
AuthOpException
- Exception thrown on error.- See Also:
AuthzOps.isAuthorizationRequired(digilib.conf.DigilibRequest)
-
isAuthorized
public boolean isAuthorized(DigilibRequest request) throws AuthOpException
Description copied from interface:AuthzOps
Test if the request is authorized to access filepath.- Specified by:
isAuthorized
in interfaceAuthzOps
- Parameters:
request
- Request with user information.- Returns:
- true if the request is allowed.
- Throws:
AuthOpException
- Exception thrown on error.- See Also:
AuthzOps.isAuthorized(digilib.conf.DigilibRequest)
-
isRoleAuthorized
public boolean isRoleAuthorized(List<String> rolesRequired, DigilibServletRequest request) throws AuthOpException
Test request authorization against a list of roles.- Parameters:
rolesRequired
- List of Strings with role names.request
- ServletRequest with address information.- Returns:
- true if the user information in the request authorizes one of the roles.
- Throws:
AuthOpException
- Exception thrown on error.
-
rolesForPath
public abstract List<String> rolesForPath(DigilibServletRequest request) throws AuthOpException
Authorization roles needed for request. Returns the list of authorization roles that are needed to access the specified path. No list means the path is free. The location information of the request is also considered.- Parameters:
request
- DigilibRequest with address information.- Returns:
- List of Strings with role names.
- Throws:
AuthOpException
- Exception thrown on error.
-
-