AbstractXACMLAuthorizingInterceptor (Apache CXF Runtime Security functionality 2.7.2 API)

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.cxf.rt.security.xacml
Class AbstractXACMLAuthorizingInterceptor

java.lang.Object
  org.apache.cxf.phase.AbstractPhaseInterceptor<org.apache.cxf.message.Message>
      org.apache.cxf.rt.security.xacml.AbstractXACMLAuthorizingInterceptor

All Implemented Interfaces:: org.apache.cxf.interceptor.Interceptor<org.apache.cxf.message.Message>, org.apache.cxf.phase.PhaseInterceptor<org.apache.cxf.message.Message>

public abstract class AbstractXACMLAuthorizingInterceptor
extends org.apache.cxf.phase.AbstractPhaseInterceptor<org.apache.cxf.message.Message>
extends org.apache.cxf.phase.AbstractPhaseInterceptor<org.apache.cxf.message.Message>

An abstract interceptor to perform an XACML authorization request to a remote PDP, and make an authorization decision based on the response. It takes the principal and roles from the SecurityContext, and uses the XACMLRequestBuilder to construct an XACML Request statement. This class must be subclassed to actually perform the request to the PDP.

Constructor Summary
`AbstractXACMLAuthorizingInterceptor()`

Method Summary
`protected boolean`	`authorize(Principal principal, List<String> roles, org.apache.cxf.message.Message message)` Perform a (remote) authorization decision and return a boolean depending on the result
`XACMLRequestBuilder`	`getRequestBuilder()`
`void`	`handleMessage(org.apache.cxf.message.Message message)`
`protected void`	`handleObligations(org.opensaml.xacml.ctx.RequestType request, Principal principal, org.apache.cxf.message.Message message, org.opensaml.xacml.ctx.ResultType result)` Handle any Obligations returned by the PDP
`abstract org.opensaml.xacml.ctx.ResponseType`	`performRequest(org.opensaml.xacml.ctx.RequestType request, org.apache.cxf.message.Message message)`
`void`	`setRequestBuilder(XACMLRequestBuilder requestBuilder)`

Methods inherited from class org.apache.cxf.phase.AbstractPhaseInterceptor
`addAfter, addAfter, addBefore, addBefore, getAdditionalInterceptors, getAfter, getBefore, getId, getPhase, handleFault, isGET, isRequestor, setAfter, setBefore`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

AbstractXACMLAuthorizingInterceptor

public AbstractXACMLAuthorizingInterceptor()

Method Detail

handleMessage

public void handleMessage(org.apache.cxf.message.Message message)
                   throws org.apache.cxf.interceptor.Fault

Throws:: org.apache.cxf.interceptor.Fault

getRequestBuilder

public XACMLRequestBuilder getRequestBuilder()

setRequestBuilder

public void setRequestBuilder(XACMLRequestBuilder requestBuilder)

authorize

protected boolean authorize(Principal principal,
                            List<String> roles,
                            org.apache.cxf.message.Message message)
                     throws Exception

Perform a (remote) authorization decision and return a boolean depending on the result

Throws:: Exception

performRequest

public abstract org.opensaml.xacml.ctx.ResponseType performRequest(org.opensaml.xacml.ctx.RequestType request,
                                                                   org.apache.cxf.message.Message message)
                                                            throws Exception

Throws:: Exception

handleObligations

protected void handleObligations(org.opensaml.xacml.ctx.RequestType request,
                                 Principal principal,
                                 org.apache.cxf.message.Message message,
                                 org.opensaml.xacml.ctx.ResultType result)
                          throws Exception

Handle any Obligations returned by the PDP

Throws:: Exception