diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java')
-rw-r--r-- | pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java | 51 |
1 files changed, 29 insertions, 22 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java index 25a665052..70e4b7c02 100644 --- a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java +++ b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.authorization; - import java.util.Enumeration; import java.util.Hashtable; @@ -29,12 +28,11 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; import com.netscape.certsrv.evaluators.IAccessEvaluator; - /** * Authorization Manager interface needs to be implemented by all - * authorization managers. + * authorization managers. * <P> - * + * * @version $Revision$, $Date$ */ public interface IAuthzManager { @@ -42,6 +40,7 @@ public interface IAuthzManager { /** * Get the name of this authorization manager instance. * <p> + * * @return String the name of this authorization manager. */ public String getName(); @@ -50,29 +49,29 @@ public interface IAuthzManager { * Get implementation name of authorization manager plugin. * <p> * An example of an implementation name will be: + * * <PRE> * com.netscape.cms.BasicAclAuthz * </PRE> * <p> + * * @return The name of the authorization manager plugin. - */ + */ public String getImplName(); /** * <code>accessInit</code> is for servlets who want to initialize their - * own authorization information before full operation. It is supposed + * own authorization information before full operation. It is supposed * to be called from the authzMgrAccessInit() method of the AuthzSubsystem. * <p> - * The accessInfo format is determined by each individual - * authzmgr. For example, for BasicAclAuthz, - * The accessInfo is the resACLs, whose format should conform - * to the following: + * The accessInfo format is determined by each individual authzmgr. For example, for BasicAclAuthz, The accessInfo is the resACLs, whose format should conform to the following: + * * <pre> * <resource ID>:right-1[,right-n]:[allow,deny](right(s))<evaluatorType>=<value>:<comment for this resource acl * </pre> * <P> - * Example: - * resTurnKnob:left,right:allow(left) group="lefties":door knobs for lefties + * Example: resTurnKnob:left,right:allow(left) group="lefties":door knobs for lefties + * * @param accessInfo the access info string in the format specified in the authorization manager * @exception EBaseException error parsing the accessInfo */ @@ -81,6 +80,7 @@ public interface IAuthzManager { /** * Check if the user is authorized to perform the given operation on the * given resource. + * * @param authToken the authToken associated with a user. * @param resource - the protected resource name * @param operation - the protected resource operation name @@ -89,20 +89,21 @@ public interface IAuthzManager { * @exception EAuthzAccessDenied if access denied */ public AuthzToken authorize(IAuthToken authToken, String resource, String operation) - throws EAuthzInternalError, EAuthzAccessDenied; + throws EAuthzInternalError, EAuthzAccessDenied; public AuthzToken authorize(IAuthToken authToken, String expression) - throws EAuthzInternalError, EAuthzAccessDenied; + throws EAuthzInternalError, EAuthzAccessDenied; /** * Initialize this authorization manager. + * * @param name The name of this authorization manager instance. * @param implName The name of the authorization manager plugin. * @param config The configuration store for this authorization manager. * @exception EBaseException If an initialization error occurred. */ public void init(String name, String implName, IConfigStore config) - throws EBaseException; + throws EBaseException; /** * Prepare this authorization manager for a graceful shutdown. @@ -112,30 +113,33 @@ public interface IAuthzManager { /** * Get configuration parameters for this implementation. - * The configuration parameters returned is passed to the - * console so configuration for instances of this + * The configuration parameters returned is passed to the + * console so configuration for instances of this * implementation can be made through the console. * * @return a list of names for configuration parameters. * @exception EBaseException If an internal error occurred */ public String[] getConfigParams() - throws EBaseException; + throws EBaseException; /** * Get the configuration store for this authorization manager. + * * @return The configuration store of this authorization manager. */ public IConfigStore getConfigStore(); /** * Get ACL entries + * * @return enumeration of ACL entries. */ public Enumeration<ACL> getACLs(); /** * Get individual ACL entry for the given name of entry. + * * @param target The name of the ACL entry * @return The ACL entry. */ @@ -143,23 +147,26 @@ public interface IAuthzManager { /** * Update ACLs in the database + * * @param id The name of the ACL entry (ie, resource id) * @param rights The allowable rights for this resource * @param strACLs The value of the ACL entry * @param desc The description for this resource * @exception EACLsException when update fails. */ - public void updateACLs(String id, String rights, String strACLs, - String desc) throws EACLsException; + public void updateACLs(String id, String rights, String strACLs, + String desc) throws EACLsException; /** * Get all registered evaluators. + * * @return All registered evaluators. */ public Enumeration<IAccessEvaluator> aclEvaluatorElements(); /** * Register new evaluator + * * @param type Type of evaluator * @param evaluator Value of evaluator */ @@ -167,8 +174,8 @@ public interface IAuthzManager { /** * Return a table of evaluators + * * @return A table of evaluators */ - public Hashtable<String, IAccessEvaluator> getAccessEvaluators(); + public Hashtable<String, IAccessEvaluator> getAccessEvaluators(); } - |