Package digilib.auth
Class MetaAccessAuthzOps
java.lang.Object
digilib.auth.AuthzOpsImpl
digilib.auth.MetaAccessAuthzOps
- All Implemented Interfaces:
AuthzOps
Implementation of AuthzOps using "access" information from file metadata.
Requires FileMeta implementation providing "access", e.g. digilib.meta.IndexMetaFileMeta.
The name of the configuration file is read from the digilib config parameter "auth-file".
The tag "digilib-access" is read from the auth-file configuration file:
<digilib-access>
<access type="group:mpiwg" role="mpiwg-user"/>
<access type="default" role=""/>
</digilib-access>
A user must supply one of the roles under "role" to access any object with the metadata "access" type of "type".
Roles under "role" must be separated by comma only (no spaces).
Access type "default" applies to objects without metadata access tag.-
Field Summary
FieldsFields inherited from class digilib.auth.AuthzOpsImpl
authnOps
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
init
(DigilibConfiguration dlConfig) Initialize authentication operations.rolesForPath
(DigilibServletRequest dlRequest) Return authorization roles needed for request.Methods inherited from class digilib.auth.AuthzOpsImpl
isAuthorizationRequired, isAuthorized, isRoleAuthorized
-
Field Details
-
logger
protected static final org.slf4j.Logger logger -
configFile
-
rolesMap
-
defaultRoles
-
-
Constructor Details
-
MetaAccessAuthzOps
public MetaAccessAuthzOps()
-
-
Method Details
-
init
Initialize authentication operations. Reads tag "digilib-access" from configuration file and sets up authentication arrays.- Specified by:
init
in interfaceAuthzOps
- Specified by:
init
in classAuthzOpsImpl
- Parameters:
dlConfig
- current DigilibConfiguration- Throws:
AuthOpException
- Exception thrown on error.
-
rolesForPath
Return authorization roles needed for request. Returns the list of authorization roles that are needed to access the specified path. No list means the path is free. The location information of the request is also considered.- Specified by:
rolesForPath
in classAuthzOpsImpl
- Parameters:
dlRequest
- ServletRequest with address information.- Returns:
- List of Strings with role names.
- Throws:
AuthOpException
- Exception thrown on error.
-