AuthorizationService (Teiid 6.2.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.metamatrix.dqp.service
Interface AuthorizationService

All Superinterfaces:: ApplicationService, SecurityFunctionEvaluator

All Known Implementing Classes:: AuthorizationServiceImpl, PlatformAuthorizationService

public interface AuthorizationService
extends ApplicationService, SecurityFunctionEvaluator
extends ApplicationService, SecurityFunctionEvaluator

This service provides a means to check whether a connection is authorized to access various data resources.

Field Summary
`static int`	`ACTION_CREATE`
`static int`	`ACTION_DELETE`
`static int`	`ACTION_READ`
`static int`	`ACTION_UPDATE`
`static java.lang.String`	`ADMIN_ROLES_FILE`
`static int`	`CONTEXT_DELETE`
`static int`	`CONTEXT_INSERT`
`static int`	`CONTEXT_PROCEDURE`
`static int`	`CONTEXT_QUERY`
`static int`	`CONTEXT_UPDATE`
`static java.lang.String`	`DEFAULT_WSDL_USERNAME`
`static java.lang.String`	`ENTITELEMENTS_ENABLED`

Fields inherited from interface com.metamatrix.query.eval.SecurityFunctionEvaluator
`ADMIN_ROLE, DATA_ROLE`

Method Summary
`boolean`	`checkingEntitlements()` Determine whether entitlements checking is enabled on the server.
`java.util.Collection`	`getInaccessibleResources(java.lang.String connectionID, int action, java.util.Collection resources, int context)` Determine which of a set of resources a connection does not have permission to perform the specified action.
`java.util.Collection<AuthorizationPolicy>`	`getPoliciesInRealm(AuthorizationRealm realm)` Returns a `Collection` of `AuthorizationPolicy`s that have `AuthorizationPermission`s in the given `AuthorizationRealm`. NOTE: It is the responsibility of the caller to determine which of the `AuthorizationPolicy`'s `AuthorizationPermission`s are actually in the given `AuthorizationRealm`.
`java.util.Collection<java.lang.String>`	`getRoleNamesForPrincipal(MetaMatrixPrincipalName principal)` Returns a Collection of String names of MetaMatrix roles to which the given principal is assigned.
`boolean`	`isCallerInRole(SessionToken session, java.lang.String roleName)`
`void`	`updatePoliciesInRealm(AuthorizationRealm realm, java.util.Collection<AuthorizationPolicy> policies)`

Methods inherited from interface com.metamatrix.common.application.ApplicationService
`initialize, start, stop`

Methods inherited from interface com.metamatrix.query.eval.SecurityFunctionEvaluator
`hasRole`

Field Detail

ACTION_READ

static final int ACTION_READ

See Also:: Constant Field Values

ACTION_CREATE

static final int ACTION_CREATE

See Also:: Constant Field Values

ACTION_UPDATE

static final int ACTION_UPDATE

See Also:: Constant Field Values

ACTION_DELETE

static final int ACTION_DELETE

See Also:: Constant Field Values

CONTEXT_QUERY

static final int CONTEXT_QUERY

See Also:: Constant Field Values

CONTEXT_INSERT

static final int CONTEXT_INSERT

See Also:: Constant Field Values

CONTEXT_UPDATE

static final int CONTEXT_UPDATE

See Also:: Constant Field Values

CONTEXT_DELETE

static final int CONTEXT_DELETE

See Also:: Constant Field Values

CONTEXT_PROCEDURE

static final int CONTEXT_PROCEDURE

See Also:: Constant Field Values

DEFAULT_WSDL_USERNAME

static final java.lang.String DEFAULT_WSDL_USERNAME

See Also:: Constant Field Values

ENTITELEMENTS_ENABLED

static final java.lang.String ENTITELEMENTS_ENABLED

See Also:: Constant Field Values

ADMIN_ROLES_FILE

static final java.lang.String ADMIN_ROLES_FILE

See Also:: Constant Field Values

Method Detail

getInaccessibleResources

java.util.Collection getInaccessibleResources(java.lang.String connectionID,
                                              int action,
                                              java.util.Collection resources,
                                              int context)
                                              throws MetaMatrixComponentException

Determine which of a set of resources a connection does not have permission to perform the specified action.

Parameters:: connectionID - Connection ID identifying the connection (and thus the user credentials); action - Action connection wishes to perform; resources - Resources the connection wishes to perform the action on, Collection of String; context - Auditing context
Returns:: Collection Subset of resources
Throws:: MetaMatrixComponentException - If an error occurs in the service while checking resources

checkingEntitlements

boolean checkingEntitlements()

Determine whether entitlements checking is enabled on the server.

Returns:: true iff server-side entitlements checking is enabled.

isCallerInRole

boolean isCallerInRole(SessionToken session,
                       java.lang.String roleName)
                       throws AuthorizationMgmtException

Throws:: AuthorizationMgmtException

getRoleNamesForPrincipal

java.util.Collection<java.lang.String> getRoleNamesForPrincipal(MetaMatrixPrincipalName principal)
                                                                throws InvalidSessionException,
                                                                       AuthorizationException,
                                                                       AuthorizationMgmtException

Returns a Collection of String names of MetaMatrix roles to which the given principal is assigned.

Parameters:: caller - the session token of the principal that is attempting to access the roles.; principal - MetaMatrixPrincipalName for which roles are sought
Returns:: The Collection of role names the principal is assigned.
Throws:: InvalidSessionException - if the administrative session is invalid; MetaMatrixSecurityException - if there is a problem internally with the MembershipService; AuthorizationException - if administrator does not have the authority to see the requested information; ComponentNotFoundException - if a component required by this method could not be found within the server; AuthorizationMgmtException

getPoliciesInRealm

java.util.Collection<AuthorizationPolicy> getPoliciesInRealm(AuthorizationRealm realm)
                                                             throws AuthorizationException,
                                                                    AuthorizationMgmtException

Returns a Collection of AuthorizationPolicys that have AuthorizationPermissions in the given AuthorizationRealm.
NOTE: It is the responsibility of the caller to determine which of the AuthorizationPolicy's AuthorizationPermissions are actually in the given AuthorizationRealm. The AuthorizationPolicy may span AuthorizationRealms.

Parameters:: caller - The session token of the principal that is attempting to retrieve the policies.; realm - The realm in which to search for AuthorizationPermissions.
Returns:: The collection of AuthorizationPolicys that have permissions in the given realm - possibly empty but never null.
Throws:: AuthorizationException - if administrator does not have the authority to perform the action.; AuthorizationMgmtException - if an error occurs in the Authorization store.

updatePoliciesInRealm

void updatePoliciesInRealm(AuthorizationRealm realm,
                           java.util.Collection<AuthorizationPolicy> policies)
                           throws AuthorizationMgmtException

Throws:: AuthorizationMgmtException