AccessDecisionManager (Acegi Security System for Spring 1.0.0-RC1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.acegisecurity
Interface AccessDecisionManager

All Known Implementing Classes:: AbstractAccessDecisionManager, AffirmativeBased, ConsensusBased, UnanimousBased

public interface AccessDecisionManager

Makes a final access control (authorization) decision.

Version:: $Id: AccessDecisionManager.java,v 1.8 2005/11/17 00:55:49 benalex Exp $
Author:: Ben Alex

Method Summary
`void`	`decide(Authentication authentication, Object object, ConfigAttributeDefinition config)` Resolves an access control decision for the passed parameters.
`boolean`	`supports(Class clazz)` Indicates whether the `AccessDecisionManager` implementation is able to provide access control decisions for the indicated secured object type.
`boolean`	`supports(ConfigAttribute attribute)` Indicates whether this `AccessDecisionManager` is able to process authorization requests presented with the passed `ConfigAttribute`.

Method Detail

decide

void decide(Authentication authentication,
            Object object,
            ConfigAttributeDefinition config)
            throws AccessDeniedException,
                   InsufficientAuthenticationException

Resolves an access control decision for the passed parameters.

Parameters:: authentication - the caller invoking the method; object - the secured object being called; config - the configuration attributes associated with the secured object being invoked
Throws:: AccessDeniedException - if access is denied as the authentication does not hold a required authority or ACL privilege; InsufficientAuthenticationException - if access is denied as the authentication does not provide a sufficient level of trust

supports

boolean supports(ConfigAttribute attribute)

Indicates whether this AccessDecisionManager is able to process authorization requests presented with the passed ConfigAttribute.

This allows the AbstractSecurityInterceptor to check every configuration attribute can be consumed by the configured AccessDecisionManager and/or RunAsManager and/or AfterInvocationManager.

Parameters:: attribute - a configuration attribute that has been configured against the AbstractSecurityInterceptor
Returns:: true if this AccessDecisionManager can support the passed configuration attribute

supports

boolean supports(Class clazz)

Indicates whether the AccessDecisionManager implementation is able to provide access control decisions for the indicated secured object type.

Parameters:: clazz - the class that is being queried
Returns:: true if the implementation can process the indicated class

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.acegisecurity Interface AccessDecisionManager

decide

supports

supports

org.acegisecurity
Interface AccessDecisionManager