AuthorityGranter xref

View Javadoc

1   /* Copyright 2004, 2005 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.providers.jaas;
17  
18  import java.security.Principal;
19  
20  import java.util.Set;
21  
22  
23  /***
24   * The AuthorityGranter interface is used to map a given principal to role
25   * names.
26   * 
27   * <P>
28   * If a Windows NT login module were to be used from JAAS, an AuthrityGranter
29   * implementation could be created to map a NT Group Principal to a ROLE_USER
30   * role for instance. <br>
31   * </p>
32   *
33   * @author Ray Krueger
34   * @version $Id: AuthorityGranter.java,v 1.6 2005/11/17 00:55:52 benalex Exp $
35   */
36  public interface AuthorityGranter {
37      //~ Methods ================================================================
38  
39      /***
40       * The grant method is called for each principal returned from the
41       * LoginContext subject. If the AuthorityGranter wishes to grant any
42       * authorities, it should return a java.util.Set containing the role names
43       * it wishes to grant, such as ROLE_USER. If the AuthrityGranter does not
44       * wish to grant any authorities it should return null. <br>
45       * The set may contain any object as all objects in the returned set will be
46       * passed to the JaasGrantedAuthority constructor using toString().
47       *
48       * @param principal One of the principals from the
49       *        LoginContext.getSubect().getPrincipals() method.
50       *
51       * @return A java.util.Set of role names to grant, or null meaning no
52       *         roles should be granted for the principal.
53       */
54      public Set grant(Principal principal);
55  }