Package digilib.auth

Class AuthzOpsImpl

java.lang.Object

digilib.auth.AuthzOpsImpl

All Implemented Interfaces:

AuthzOps

Direct Known Subclasses:

MetaAccessAuthzOps, PathAuthzOps

public abstract class AuthzOpsImpl
extends Object
implements AuthzOps

Basic implementation of AuthOps interface. Provides basic implementations. Only rolesForPath needs to be implemented by specific implementations.

Field Summary

Fields

Modifier and Type	Field	Description
protected AuthnOps	authnOps	authentication instance
protected static final org.slf4j.Logger	logger	general logger for this class

Constructor Summary

Constructors

Constructor	Description
AuthzOpsImpl()

Method Summary

Modifier and Type	Method	Description
abstract void	init(DigilibConfiguration dlConfig)	Configure this AuthzOps instance.
boolean	isAuthorizationRequired(DigilibRequest request)	Test if the request must be authorized to access the filepath.
boolean	isAuthorized(DigilibRequest request)	Test if the request is authorized to access filepath.
boolean	isRoleAuthorized(List<String> rolesRequired, DigilibServletRequest request)	Test request authorization against a list of roles.
abstract List<String>	rolesForPath(DigilibServletRequest request)	Authorization roles needed for request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

protected static final org.slf4j.Logger logger

general logger for this class

authnOps

protected AuthnOps authnOps

authentication instance

Constructor Details

AuthzOpsImpl

public AuthzOpsImpl()

Method Details

init

public abstract void init(DigilibConfiguration dlConfig)
                   throws AuthOpException

Description copied from interface: AuthzOps

Configure this AuthzOps instance.

Specified by:

init in interface AuthzOps

Parameters:

dlConfig - current DigilibConfiguration

Throws:

AuthOpException - Exception thrown on error

isAuthorizationRequired

public boolean isAuthorizationRequired(DigilibRequest request)
                                throws AuthOpException

Description copied from interface: AuthzOps

Test if the request must be authorized to access the filepath. Information about the user is taken from the DigilibRequest.

Specified by:

isAuthorizationRequired in interface AuthzOps

Parameters:

request - DigilibRequest with user information.

Returns:

true if the user request must be authorized.

Throws:

AuthOpException - Exception thrown on error.

See Also:

• AuthzOps.isAuthorizationRequired(digilib.conf.DigilibRequest)

isAuthorized

public boolean isAuthorized(DigilibRequest request)
                     throws AuthOpException

Description copied from interface: AuthzOps

Test if the request is authorized to access filepath.

Specified by:

isAuthorized in interface AuthzOps

Parameters:

request - Request with user information.

Returns:

true if the request is allowed.

Throws:

AuthOpException - Exception thrown on error.

See Also:

• AuthzOps.isAuthorized(digilib.conf.DigilibRequest)

isRoleAuthorized

public boolean isRoleAuthorized(List<String> rolesRequired,
 DigilibServletRequest request)
                         throws AuthOpException

Test request authorization against a list of roles.

Parameters:

rolesRequired - List of Strings with role names.

request - ServletRequest with address information.

Returns:

true if the user information in the request authorizes one of the roles.

Throws:

AuthOpException - Exception thrown on error.

rolesForPath

public abstract List<String> rolesForPath(DigilibServletRequest request)
                                   throws AuthOpException

Authorization roles needed for request. Returns the list of authorization roles that are needed to access the specified path. No list means the path is free. The location information of the request is also considered.

Parameters:

request - DigilibRequest with address information.

Returns:

List of Strings with role names.

Throws:

AuthOpException - Exception thrown on error.