diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/authorization')
13 files changed, 0 insertions, 1017 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java deleted file mode 100644 index 58a5264ba..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java +++ /dev/null @@ -1,59 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -/** - * A class represents an authorization manager. It contains an - * authorization manager instance and its state (enable or not). - * - * @version $Revision$, $Date$ - */ -public class AuthzManagerProxy { - private boolean mEnable; - private IAuthzManager mMgr; - - /** - * Constructor - * - * @param enable true if the authzMgr is enabled; false otherwise - * @param mgr authorization manager instance - */ - public AuthzManagerProxy(boolean enable, IAuthzManager mgr) { - mEnable = enable; - mMgr = mgr; - } - - /** - * Returns the state of the authorization manager instance - * - * @return true if the state of the authorization manager instance is - * enabled; false otherwise. - */ - public boolean isEnable() { - return mEnable; - } - - /** - * Returns an authorization manager instance. - * - * @return an authorization manager instance - */ - public IAuthzManager getAuthzManager() { - return mMgr; - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java deleted file mode 100644 index e47e58171..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java +++ /dev/null @@ -1,77 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -/** - * This class represents a registered authorization manager plugin. - * <P> - * - * @version $Revision$, $Date$ - */ -public class AuthzMgrPlugin { - protected String mId = null; - protected String mClassPath = null; - protected boolean mVisible = true; - - /** - * Constructs a AuthzManager plugin. - * - * @param id authz manager implementation name - * @param classPath class path - */ - public AuthzMgrPlugin(String id, String classPath) { - mId = id; - mClassPath = classPath; - } - - /** - * Returns an authorization manager implementation name - * - * @return an authorization manager implementation name - */ - public String getId() { - return mId; - } - - /** - * Returns a classpath of a AuthzManager plugin - * - * @return a classpath of a AuthzManager plugin - */ - public String getClassPath() { - return mClassPath; - } - - /** - * Returns a visibility of the plugin - * - * @return a visibility of the plugin - */ - public boolean isVisible() { - return mVisible; - } - - /** - * Sets visibility of the plugin - * - * @param visibility visibility of the plugin - */ - public void setVisible(boolean visibility) { - mVisible = visibility; - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java deleted file mode 100644 index 13d33c212..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java +++ /dev/null @@ -1,44 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -import java.util.ListResourceBundle; - -/** - * A class represents a resource bundle for the authorization subsystem - * <P> - * - * @deprecated - * @version $Revision$, $Date$ - */ -public class AuthzResources extends ListResourceBundle { - - /** - * Returns the content of this resource. - * - * @return the content of this resource - */ - public Object[][] getContents() { - return contents; - } - - /** - * A set of constants for localized error messages. - */ - static final Object[][] contents = {}; -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java deleted file mode 100644 index 262902e62..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java +++ /dev/null @@ -1,174 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -import java.util.Date; -import java.util.Enumeration; -import java.util.Hashtable; - -import com.netscape.certsrv.base.IAttrSet; - -/** - * Authorization token returned by Authorization Managers. - * Upon return, it contains the name of the authorization manager that create - * the AuthzToken, the plugin name of the authorization manager, time of - * authorization happened, name of the resource, type of operation performed - * on the resource. - * <p> - * - * @version $Revision$, $Date$ - */ -public class AuthzToken implements IAttrSet { - private static final long serialVersionUID = 4716145610877112054L; - private Hashtable<String, Object> mAttrs = null; - - /** - * Plugin name of the authorization manager that created the - * AuthzToken as a string. - */ - public static final String TOKEN_AUTHZMGR_IMPL_NAME = "authzMgrImplName"; - - /** - * Name of the authorization manager that created the AuthzToken - * as a string. - */ - public static final String TOKEN_AUTHZMGR_INST_NAME = "authzMgrInstName"; - - /** - * Time of authorization as a java.util.Date - */ - public static final String TOKEN_AUTHZTIME = "authzTime"; - - /** - * name of the resource - */ - public static final String TOKEN_AUTHZ_RESOURCE = "authzRes"; - - /** - * name of the operation - */ - public static final String TOKEN_AUTHZ_OPERATION = "authzOp"; - - /* - * Status of the authorization evaluation - */ - public static final String TOKEN_AUTHZ_STATUS = "status"; - - /** - * Constant for the success status of the authorization evaluation. - */ - public static final String AUTHZ_STATUS_SUCCESS = "statusSuccess"; - - /** - * Constructs an instance of a authorization token. - * The token by default contains the following attributes: <br> - * - * <pre> - * "authzMgrInstName" - The authorization manager instance name. - * "authzMgrImplName" - The authorization manager plugin name. - * "authzTime" - The - The time of authorization. - * </pre> - * - * @param authzMgr The authorization manager that created this Token. - */ - public AuthzToken(IAuthzManager authzMgr) { - mAttrs = new Hashtable<String, Object>(); - mAttrs.put(TOKEN_AUTHZMGR_INST_NAME, authzMgr.getName()); - mAttrs.put(TOKEN_AUTHZMGR_IMPL_NAME, authzMgr.getImplName()); - mAttrs.put(TOKEN_AUTHZTIME, new Date()); - } - - /** - * Get the value of an attribute in the AuthzToken - * - * @param attrName The attribute name - * @return The value of attrName if any. - */ - public Object get(String attrName) { - return mAttrs.get(attrName); - } - - /** - * Used by an Authorization manager to set an attribute and value - * in the AuthzToken. - * - * @param attrName The name of the attribute - * @param value The value of the attribute to set. - */ - public void set(String attrName, Object value) { - mAttrs.put(attrName, value); - } - - /** - * Removes an attribute in the AuthzToken - * - * @param attrName The name of the attribute to remove. - */ - public void delete(String attrName) { - mAttrs.remove(attrName); - } - - /** - * Enumerate all attribute names in the AuthzToken. - * - * @return Enumeration of all attribute names in this AuthzToken. - */ - public Enumeration<String> getElements() { - return mAttrs.keys(); - } - - /** - * Enumerate all attribute values in the AuthzToken. - * - * @return Enumeration of all attribute names in this AuthzToken. - */ - public Enumeration<Object> getVals() { - return mAttrs.elements(); - } - - /** - * Gets the name of the authorization manager instance that created - * this token. - * - * @return The name of the authorization manager instance that created - * this token. - */ - public String getAuthzManagerInstName() { - return (String) mAttrs.get(TOKEN_AUTHZMGR_INST_NAME); - } - - /** - * Gets the plugin name of the authorization manager that created this - * token. - * - * @return The plugin name of the authorization manager that created this - * token. - */ - public String getAuthzManagerImplName() { - return (String) mAttrs.get(TOKEN_AUTHZMGR_IMPL_NAME); - } - - /** - * Gets the time of authorization. - * - * @return The time of authorization - */ - public Date getAuthzTime() { - return (Date) mAttrs.get(TOKEN_AUTHZTIME); - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java deleted file mode 100644 index 9fc7777c7..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java +++ /dev/null @@ -1,38 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -/** - * Exception for authorization failure - */ -public class EAuthzAccessDenied extends EAuthzException { - - /** - * - */ - private static final long serialVersionUID = 603324526695263260L; - - /** - * Constructs a exception for access denied by Authz manager - * - * @param errorString Detailed error message. - */ - public EAuthzAccessDenied(String errorString) { - super(errorString); - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java deleted file mode 100644 index 65d95a571..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java +++ /dev/null @@ -1,91 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -import com.netscape.certsrv.base.EBaseException; - -/** - * This class represents authorization exceptions. - * <P> - * - * @version $Revision$, $Date$ - */ -public class EAuthzException extends EBaseException { - - /** - * - */ - private static final long serialVersionUID = 6265731237976616272L; - /** - * Resource class name. - */ - private static final String AUTHZ_RESOURCES = AuthzResources.class.getName(); - - /** - * Constructs a authz exception - * <P> - * - * @param msgFormat exception details - */ - public EAuthzException(String msgFormat) { - super(msgFormat); - } - - /** - * Constructs a authz exception with a parameter. - * <p> - * - * @param msgFormat exception details in message string format - * @param param message string parameter - */ - public EAuthzException(String msgFormat, String param) { - super(msgFormat, param); - } - - /** - * Constructs a authz exception with a exception parameter. - * <P> - * - * @param msgFormat exception details in message string format - * @param param system exception - */ - public EAuthzException(String msgFormat, Exception param) { - super(msgFormat, param); - } - - /** - * Constructs a authz exception with a list of parameters. - * <P> - * - * @param msgFormat the message format. - * @param params list of message format parameters - */ - public EAuthzException(String msgFormat, Object params[]) { - super(msgFormat, params); - } - - /** - * Returns the resource bundle name - * - * @return resource bundle name - */ - protected String getBundleName() { - return AUTHZ_RESOURCES; - } - -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java deleted file mode 100644 index 2afe2c747..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java +++ /dev/null @@ -1,38 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -/** - * An exception for internal error for authorization. - */ -public class EAuthzInternalError extends EAuthzException { - - /** - * - */ - private static final long serialVersionUID = -2954801841027751903L; - - /** - * Constructs an authorization internal error exception - * - * @param errorString error with a detailed message. - */ - public EAuthzInternalError(String errorString) { - super(errorString); - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java deleted file mode 100644 index a920d37ac..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java +++ /dev/null @@ -1,38 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -/** - * Exception for authorization manager not found. - */ -public class EAuthzMgrNotFound extends EAuthzException { - - /** - * - */ - private static final long serialVersionUID = 858647841945772328L; - - /** - * Constructs a exception for a missing required authorization manager - * - * @param errorString Detailed error message. - */ - public EAuthzMgrNotFound(String errorString) { - super(errorString); - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java deleted file mode 100644 index 43ae6edcd..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java +++ /dev/null @@ -1,38 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -/** - * Exception for authorization manager plugin not found. - */ -public class EAuthzMgrPluginNotFound extends EAuthzException { - - /** - * - */ - private static final long serialVersionUID = -2647973726997526429L; - - /** - * Constructs a exception for a missing authorization plugin - * - * @param errorString Detailed error message. - */ - public EAuthzMgrPluginNotFound(String errorString) { - super(errorString); - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java deleted file mode 100644 index ce061ddd2..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java +++ /dev/null @@ -1,38 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -/** - * Exception for operation unknown to the authorization manager - */ -public class EAuthzUnknownOperation extends EAuthzException { - - /** - * - */ - private static final long serialVersionUID = 4344508835702220953L; - - /** - * Constructs a exception for an operation unknown to the authorization manager - * - * @param errorString Detailed error message. - */ - public EAuthzUnknownOperation(String errorString) { - super(errorString); - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java deleted file mode 100644 index 5cb2d7276..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java +++ /dev/null @@ -1,38 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -/** - * Exception for protected resource unknown to the authorization manager - */ -public class EAuthzUnknownProtectedRes extends EAuthzException { - - /** - * - */ - private static final long serialVersionUID = 444663701711532889L; - - /** - * Constructs a exception for a protected resource unknown to the authorization manager - * - * @param errorString Detailed error message. - */ - public EAuthzUnknownProtectedRes(String errorString) { - super(errorString); - } -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java deleted file mode 100644 index 8b52b3928..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java +++ /dev/null @@ -1,182 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -import java.util.Enumeration; -import java.util.Hashtable; - -import com.netscape.certsrv.acls.ACL; -import com.netscape.certsrv.acls.EACLsException; -import com.netscape.certsrv.acls.IACL; -import com.netscape.certsrv.authentication.IAuthToken; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.evaluators.IAccessEvaluator; - -/** - * Authorization Manager interface needs to be implemented by all - * authorization managers. - * <P> - * - * @version $Revision$, $Date$ - */ -public interface IAuthzManager { - - /** - * Get the name of this authorization manager instance. - * <p> - * - * @return String the name of this authorization manager. - */ - public String getName(); - - /** - * Get implementation name of authorization manager plugin. - * <p> - * An example of an implementation name will be: - * - * <PRE> - * com.netscape.cms.BasicAclAuthz - * </PRE> - * <p> - * - * @return The name of the authorization manager plugin. - */ - public String getImplName(); - - /** - * <code>accessInit</code> is for servlets who want to initialize their - * own authorization information before full operation. It is supposed - * to be called from the authzMgrAccessInit() method of the AuthzSubsystem. - * <p> - * The accessInfo format is determined by each individual authzmgr. For example, for BasicAclAuthz, The accessInfo - * is the resACLs, whose format should conform to the following: - * - * <pre> - * <resource ID>:right-1[,right-n]:[allow,deny](right(s))<evaluatorType>=<value>:<comment for this resource acl - * </pre> - * <P> - * Example: resTurnKnob:left,right:allow(left) group="lefties":door knobs for lefties - * - * @param accessInfo the access info string in the format specified in the authorization manager - * @exception EBaseException error parsing the accessInfo - */ - public void accessInit(String accessInfo) throws EBaseException; - - /** - * Check if the user is authorized to perform the given operation on the - * given resource. - * - * @param authToken the authToken associated with a user. - * @param resource - the protected resource name - * @param operation - the protected resource operation name - * @return authzToken if the user is authorized - * @exception EAuthzInternalError if an internal error occurred. - * @exception EAuthzAccessDenied if access denied - */ - public AuthzToken authorize(IAuthToken authToken, String resource, String operation) - throws EAuthzInternalError, EAuthzAccessDenied; - - public AuthzToken authorize(IAuthToken authToken, String expression) - throws EAuthzInternalError, EAuthzAccessDenied; - - /** - * Initialize this authorization manager. - * - * @param name The name of this authorization manager instance. - * @param implName The name of the authorization manager plugin. - * @param config The configuration store for this authorization manager. - * @exception EBaseException If an initialization error occurred. - */ - public void init(String name, String implName, IConfigStore config) - throws EBaseException; - - /** - * Prepare this authorization manager for a graceful shutdown. - * Called when the server is exiting for any cleanup needed. - */ - public void shutdown(); - - /** - * Get configuration parameters for this implementation. - * The configuration parameters returned is passed to the - * console so configuration for instances of this - * implementation can be made through the console. - * - * @return a list of names for configuration parameters. - * @exception EBaseException If an internal error occurred - */ - public String[] getConfigParams() - throws EBaseException; - - /** - * Get the configuration store for this authorization manager. - * - * @return The configuration store of this authorization manager. - */ - public IConfigStore getConfigStore(); - - /** - * Get ACL entries - * - * @return enumeration of ACL entries. - */ - public Enumeration<ACL> getACLs(); - - /** - * Get individual ACL entry for the given name of entry. - * - * @param target The name of the ACL entry - * @return The ACL entry. - */ - public IACL getACL(String target); - - /** - * Update ACLs in the database - * - * @param id The name of the ACL entry (ie, resource id) - * @param rights The allowable rights for this resource - * @param strACLs The value of the ACL entry - * @param desc The description for this resource - * @exception EACLsException when update fails. - */ - public void updateACLs(String id, String rights, String strACLs, - String desc) throws EACLsException; - - /** - * Get all registered evaluators. - * - * @return All registered evaluators. - */ - public Enumeration<IAccessEvaluator> aclEvaluatorElements(); - - /** - * Register new evaluator - * - * @param type Type of evaluator - * @param evaluator Value of evaluator - */ - public void registerEvaluator(String type, IAccessEvaluator evaluator); - - /** - * Return a table of evaluators - * - * @return A table of evaluators - */ - public Hashtable<String, IAccessEvaluator> getAccessEvaluators(); -} diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java deleted file mode 100644 index d8ccc8a83..000000000 --- a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java +++ /dev/null @@ -1,162 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.certsrv.authorization; - -import java.util.Enumeration; -import java.util.Hashtable; - -import com.netscape.certsrv.authentication.IAuthToken; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.ISubsystem; - -/** - * An interface that represents an authorization component - * <P> - * - * @version $Revision$, $Date$ - */ -public interface IAuthzSubsystem extends ISubsystem { - - /** - * Constant for auths. - */ - public static final String ID = "authz"; - - /** - * Constant for class. - */ - public static final String PROP_CLASS = "class"; - - /** - * Constant for impl - */ - public static final String PROP_IMPL = "impl"; - - /** - * Constant for pluginName. - */ - public static final String PROP_PLUGIN = "pluginName"; - - /** - * Constant for instance. - */ - public static final String PROP_INSTANCE = "instance"; - - /** - * authorize the user associated with the given authToken for a given - * operation with the given authorization manager name - * - * @param authzMgrName The authorization manager name - * @param authToken the authenticaton token associated with a user - * @param resource the resource protected by the authorization system - * @param operation the operation for resource protected by the authorization system - * @return a authorization token. - * @exception EBaseException If an error occurs during authorization. - */ - public AuthzToken authorize(String authzMgrName, IAuthToken authToken, - String resource, String operation) - throws EBaseException; - - public AuthzToken authorize(String authzMgrName, IAuthToken authToken, - String exp) throws EBaseException; - - /** - * Adds (registers) the given authorization manager. - * - * @param name The authorization manager name - * @param authzMgr The authorization manager instance. - */ - public void add(String name, IAuthzManager authzMgr); - - /** - * Deletes (deregisters) the given authorization manager. - * - * @param name The authorization manager name to delete. - */ - public void delete(String name); - - /** - * Gets the Authorization manager instance of the specified name. - * - * @param name The authorization manager's name. - * @return an authorization manager interface - */ - public IAuthzManager getAuthzManager(String name) throws EBaseException; - - /** - * Gets an enumeration of authorization managers registered to the - * authorization component. - * - * @return a list of authorization managers - */ - public Enumeration<IAuthzManager> getAuthzManagers(); - - /** - * Initialize authz info - usually used for BasicAclAuthz - * - * @param authzMgrName name of the authorization manager - * @param accessInfo string representation of the ACL - * @exception EBaseException if authorization manager is not found - */ - public void authzMgrAccessInit(String authzMgrName, String accessInfo) throws EBaseException; - - /** - * Gets an enumeration of authorization manager plugins. - * - * @return list of authorization manager plugins - */ - public Enumeration<AuthzMgrPlugin> getAuthzManagerPlugins(); - - /** - * Gets a single authorization manager plugin implementation - * - * @param name given authorization plugin name - * @return authorization manager plugin - */ - public IAuthzManager getAuthzManagerPlugin(String name); - - /** - * Log error message. - * - * @param level log level - * @param msg error message - */ - public void log(int level, String msg); - - /** - * Get a hashtable containing all authentication plugins. - * - * @return all authentication plugins. - */ - public Hashtable<String, AuthzMgrPlugin> getPlugins(); - - /** - * Get a hashtable containing all authentication instances. - * - * @return all authentication instances. - */ - public Hashtable<String, AuthzManagerProxy> getInstances(); - - /** - * Get an authorization manager interface for the given name. - * - * @param name given authorization manager name. - * @return an authorization manager interface - */ - public IAuthzManager get(String name); -} |