Package digilib.auth

Class MetaAccessAuthzOps

java.lang.Object
digilib.auth.AuthzOpsImpl
digilib.auth.MetaAccessAuthzOps
All Implemented Interfaces:
AuthzOps

public class MetaAccessAuthzOps extends AuthzOpsImpl
Implementation of AuthzOps using "access" information from file metadata. Requires FileMeta implementation providing "access", e.g. digilib.meta.IndexMetaFileMeta. The name of the configuration file is read from the digilib config parameter "auth-file". The tag "digilib-access" is read from the auth-file configuration file:
 
 <digilib-access>
   <access type="group:mpiwg" role="mpiwg-user"/>
   <access type="default" role=""/>
 </digilib-access>
 
 
A user must supply one of the roles under "role" to access any object with the metadata "access" type of "type". Roles under "role" must be separated by comma only (no spaces). Access type "default" applies to objects without metadata access tag.
  • Field Details

    • logger

      protected static final org.slf4j.Logger logger
    • configFile

      protected File configFile
    • rolesMap

      protected Map<String,List<String>> rolesMap
    • defaultRoles

      protected List<String> defaultRoles
  • Constructor Details

    • MetaAccessAuthzOps

      public MetaAccessAuthzOps()
  • Method Details

    • init

      public void init(DigilibConfiguration dlConfig) throws AuthOpException
      Initialize authentication operations. Reads tag "digilib-access" from configuration file and sets up authentication arrays.
      Specified by:
      init in interface AuthzOps
      Specified by:
      init in class AuthzOpsImpl
      Parameters:
      dlConfig - current DigilibConfiguration
      Throws:
      AuthOpException - Exception thrown on error.
    • rolesForPath

      public List<String> rolesForPath(DigilibServletRequest dlRequest) throws AuthOpException
      Return authorization roles needed for request. Returns the list of authorization roles that are needed to access the specified path. No list means the path is free. The location information of the request is also considered.
      Specified by:
      rolesForPath in class AuthzOpsImpl
      Parameters:
      dlRequest - ServletRequest with address information.
      Returns:
      List of Strings with role names.
      Throws:
      AuthOpException - Exception thrown on error.