diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java')
-rw-r--r-- | pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java | 71 |
1 files changed, 40 insertions, 31 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java index 167911c40..cc34ea77d 100644 --- a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java +++ b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.authorization; - import java.util.Enumeration; import java.util.Hashtable; @@ -28,12 +27,11 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; import com.netscape.certsrv.evaluators.IAccessEvaluator; - /** - * Authorization Manager interface needs to be implemented by all - * authorization managers. + * Authorization Manager interface needs to be implemented by all authorization + * managers. * <P> - * + * * @version $Revision$, $Date$ */ public interface IAuthzManager { @@ -41,6 +39,7 @@ public interface IAuthzManager { /** * Get the name of this authorization manager instance. * <p> + * * @return String the name of this authorization manager. */ public String getName(); @@ -49,30 +48,34 @@ public interface IAuthzManager { * Get implementation name of authorization manager plugin. * <p> * An example of an implementation name will be: + * * <PRE> * com.netscape.cms.BasicAclAuthz * </PRE> * <p> + * * @return The name of the authorization manager plugin. - */ + */ public String getImplName(); /** - * <code>accessInit</code> is for servlets who want to initialize their - * own authorization information before full operation. It is supposed - * to be called from the authzMgrAccessInit() method of the AuthzSubsystem. + * <code>accessInit</code> is for servlets who want to initialize their own + * authorization information before full operation. It is supposed to be + * called from the authzMgrAccessInit() method of the AuthzSubsystem. * <p> - * The accessInfo format is determined by each individual - * authzmgr. For example, for BasicAclAuthz, - * The accessInfo is the resACLs, whose format should conform - * to the following: + * The accessInfo format is determined by each individual authzmgr. For + * example, for BasicAclAuthz, The accessInfo is the resACLs, whose format + * should conform to the following: + * * <pre> * <resource ID>:right-1[,right-n]:[allow,deny](right(s))<evaluatorType>=<value>:<comment for this resource acl * </pre> * <P> - * Example: - * resTurnKnob:left,right:allow(left) group="lefties":door knobs for lefties - * @param accessInfo the access info string in the format specified in the authorization manager + * Example: resTurnKnob:left,right:allow(left) group="lefties":door knobs + * for lefties + * + * @param accessInfo the access info string in the format specified in the + * authorization manager * @exception EBaseException error parsing the accessInfo */ public void accessInit(String accessInfo) throws EBaseException; @@ -80,6 +83,7 @@ public interface IAuthzManager { /** * Check if the user is authorized to perform the given operation on the * given resource. + * * @param authToken the authToken associated with a user. * @param resource - the protected resource name * @param operation - the protected resource operation name @@ -87,54 +91,56 @@ public interface IAuthzManager { * @exception EAuthzInternalError if an internal error occurred. * @exception EAuthzAccessDenied if access denied */ - public AuthzToken authorize(IAuthToken authToken, String resource, String operation) - throws EAuthzInternalError, EAuthzAccessDenied; + public AuthzToken authorize(IAuthToken authToken, String resource, + String operation) throws EAuthzInternalError, EAuthzAccessDenied; public AuthzToken authorize(IAuthToken authToken, String expression) - throws EAuthzInternalError, EAuthzAccessDenied; + throws EAuthzInternalError, EAuthzAccessDenied; /** * Initialize this authorization manager. + * * @param name The name of this authorization manager instance. * @param implName The name of the authorization manager plugin. * @param config The configuration store for this authorization manager. * @exception EBaseException If an initialization error occurred. */ public void init(String name, String implName, IConfigStore config) - throws EBaseException; + throws EBaseException; /** - * Prepare this authorization manager for a graceful shutdown. - * Called when the server is exiting for any cleanup needed. + * Prepare this authorization manager for a graceful shutdown. Called when + * the server is exiting for any cleanup needed. */ public void shutdown(); /** - * Get configuration parameters for this implementation. - * The configuration parameters returned is passed to the - * console so configuration for instances of this - * implementation can be made through the console. + * Get configuration parameters for this implementation. The configuration + * parameters returned is passed to the console so configuration for + * instances of this implementation can be made through the console. * * @return a list of names for configuration parameters. * @exception EBaseException If an internal error occurred */ - public String[] getConfigParams() - throws EBaseException; + public String[] getConfigParams() throws EBaseException; /** * Get the configuration store for this authorization manager. + * * @return The configuration store of this authorization manager. */ public IConfigStore getConfigStore(); /** * Get ACL entries + * * @return enumeration of ACL entries. */ public Enumeration getACLs(); /** * Get individual ACL entry for the given name of entry. + * * @param target The name of the ACL entry * @return The ACL entry. */ @@ -142,23 +148,26 @@ public interface IAuthzManager { /** * Update ACLs in the database + * * @param id The name of the ACL entry (ie, resource id) * @param rights The allowable rights for this resource * @param strACLs The value of the ACL entry * @param desc The description for this resource * @exception EACLsException when update fails. */ - public void updateACLs(String id, String rights, String strACLs, - String desc) throws EACLsException; + public void updateACLs(String id, String rights, String strACLs, String desc) + throws EACLsException; /** * Get all registered evaluators. + * * @return All registered evaluators. */ public Enumeration aclEvaluatorElements(); /** * Register new evaluator + * * @param type Type of evaluator * @param evaluator Value of evaluator */ @@ -166,8 +175,8 @@ public interface IAuthzManager { /** * Return a table of evaluators + * * @return A table of evaluators */ public Hashtable getAccessEvaluators(); } - |