security

Class XmlAuthzCredentialGenerator

java.lang.Object

security.AuthzCredentialGenerator

security.XmlAuthzCredentialGenerator

public class XmlAuthzCredentialGenerator
extends AuthzCredentialGenerator

Nested Class Summary

Nested classes/interfaces inherited from class security.AuthzCredentialGenerator

AuthzCredentialGenerator.ClassCode

Field Summary

Fields

Modifier and Type	Field and Description
static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[]	QUERY_OPS
static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[]	READER_OPS
static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[]	WRITER_OPS

Fields inherited from class security.AuthzCredentialGenerator

cGen

Constructor Summary

Constructors

Constructor and Description
XmlAuthzCredentialGenerator()

Method Summary

Modifier and Type	Method and Description
AuthzCredentialGenerator.ClassCode	classCode() The AuthzCredentialGenerator.ClassCode of the particular implementation.
protected Principal	getAllowedPrincipal(com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] opCodes, String[] regionNames, int index) Get a Principal generated using the given index allowed to perform the given OperationContext.OperationCodes for the given region.
String	getAuthorizationCallback() The name of the AccessControl factory function that should be used as the authorization module on the server side.
protected Principal	getDisallowedPrincipal(com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] opCodes, String[] regionNames, int index) Get a Principal generated using the given index not allowed to perform the given OperationContext.OperationCodes for the given region.
protected int	getNumPrincipalTries(com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] opCodes, String[] regionNames) Get the number of tries to be done for obtaining valid credentials for the given operations in the given region.
protected Properties	init() Initialize the authorized credential generator.

Methods inherited from class security.AuthzCredentialGenerator

create, getAllowedCredentials, getCredentialGenerator, getDisallowedCredentials, getSystemProperties, init

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

READER_OPS

public static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] READER_OPS

WRITER_OPS

public static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] WRITER_OPS

QUERY_OPS

public static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] QUERY_OPS

Constructor Detail

XmlAuthzCredentialGenerator

public XmlAuthzCredentialGenerator()

Method Detail

init

protected Properties init()
                   throws IllegalArgumentException

Description copied from class: AuthzCredentialGenerator

Initialize the authorized credential generator. Required to be implemented by concrete classes that implement this abstract class.

Specified by:

init in class AuthzCredentialGenerator

Returns:

A set of extra properties that should be added to Gemfire system properties when not null.

Throws:

IllegalArgumentException - when the CredentialGenerator is incompatible with this authorization module.

classCode

public AuthzCredentialGenerator.ClassCode classCode()

Description copied from class: AuthzCredentialGenerator

The AuthzCredentialGenerator.ClassCode of the particular implementation.

Specified by:

classCode in class AuthzCredentialGenerator

Returns:

the ClassCode

getAuthorizationCallback

public String getAuthorizationCallback()

Description copied from class: AuthzCredentialGenerator

The name of the AccessControl factory function that should be used as the authorization module on the server side.

Specified by:

getAuthorizationCallback in class AuthzCredentialGenerator

Returns:

name of the AccessControl factory function

getAllowedPrincipal

protected Principal getAllowedPrincipal(com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] opCodes,
                                        String[] regionNames,
                                        int index)

Description copied from class: AuthzCredentialGenerator

Get a Principal generated using the given index allowed to perform the given OperationContext.OperationCodes for the given region. Required to be implemented by concrete classes that implement this abstract class.

Specified by:

getAllowedPrincipal in class AuthzCredentialGenerator

Parameters:

opCodes - the OperationContext.OperationCodes of the operations requiring authorization

regionNames - list of the region names requiring authorization; a value of null indicates all regions

index - used to generate multiple such principals by passing different values for this

Returns:

the Principal authorized to perform the given operation in the given region

getDisallowedPrincipal

protected Principal getDisallowedPrincipal(com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] opCodes,
                                           String[] regionNames,
                                           int index)

Description copied from class: AuthzCredentialGenerator

Get a Principal generated using the given index not allowed to perform the given OperationContext.OperationCodes for the given region. Required to be implemented by concrete classes that implement this abstract class.

Specified by:

getDisallowedPrincipal in class AuthzCredentialGenerator

Parameters:

opCodes - the OperationContext.OperationCodes of the operations requiring authorization failure

regionNames - list of the region names requiring authorization failure; a value of null indicates all regions

index - used to generate multiple such principals by passing different values for this

Returns:

a Principal not authorized to perform the given operation in the given region

getNumPrincipalTries

protected int getNumPrincipalTries(com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[] opCodes,
                                   String[] regionNames)

Description copied from class: AuthzCredentialGenerator

Get the number of tries to be done for obtaining valid credentials for the given operations in the given region. It is required that AuthzCredentialGenerator.getAllowedPrincipal(com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[], java.lang.String[], int) method returns valid principals for values of index from 0 through (n-1) where n is the value returned by this method. It is recommended that the principals so returned be unique for efficiency. This will be used by AuthzCredentialGenerator.getAllowedCredentials(com.gemstone.gemfire.cache.operations.OperationContext.OperationCode[], java.lang.String[], int) to step through different principals and obtain a set of valid credentials. Required to be implemented by concrete classes that implement this abstract class.

Specified by:

getNumPrincipalTries in class AuthzCredentialGenerator

Parameters:

opCodes - the OperationContext.OperationCodes of the operations requiring authorization

regionNames - list of the region names requiring authorization; a value of null indicates all regions

Returns:

the number of principals allowed to perform the given operation in the given region