Examples of Authorizer

net.webpasswordsafe.server.plugin.authorization.Authorizer
@author Josh Drummond
org.apache.derby.iapi.sql.conn.Authorizer
The Authorizer verifies a connected user has the authorization to perform a requested database operation using the current connection.
Today no object based authorization is supported.
org.apache.geronimo.tomcat.security.Authorizer
@version $Rev: 794752 $ $Date: 2009-07-17 01:03:50 +0800 (Fri, 17 Jul 2009) $
org.apache.lenya.ac.Authorizer
An Authorizer checks if an Identity is authorized to invoke a certain request. @version $Id: Authorizer.java 473841 2006-11-12 00:46:38Z gregor $
org.brixcms.rmiserver.jackrabbit.Authorizer
Authorizes {@link Credentials} for given {@link Role} @author ivaynberg
org.cometd.bayeux.server.Authorizer
t subscribe to all channel.addAuthorizer(GrantAuthorizer.GRANT_SUBSCRIBE); // Grant publishes only to CNN employees channel.addAuthorizer(new Authorizer() { public Result authorize(Operation operation, ChannelId channel, ServerSession session, ServerMessage message) { if (operation == Operation.PUBLISH && session.getAttribute("isCNNEmployee") == Boolean.TRUE) return Result.grant(); else return Result.ignore(); } }); } });
A typical usage of authorizers is as follows:
- Create a wildcard authorizer that matches all channels and neither grants or denies (e.g. use {@code org.cometd.server.authorizer.GrantAuthorizer.GRANT_NONE}). This authorizer can be added to channel /** or to a more specific channel for your application such as /game/**. This ensures that authorizers set is not empty and that another authorizer must explicitly grant access.
- For public channels, that all users can access, add authorizers that will simply grant publish and/or subscribe permissions to the specific or wildcard channels.
- For access controlled channels (e.g. only nominated players can publish to a game channel), then specific implementation of authorizers need to be created that will check identities and possibly other state before granting permission. Typically there is no need for such authorizers to explicitly deny access, unless that attempted access represents a specific error condition that needs to be passed to the client in the message associated with a deny.
- For cross cutting concerns, such as checking a users credit or implementing user bans, authorizers can be created to explicitly deny access, without the need to modify all authorizers already in place that may grant.
@see SecurityPolicy
org.ejbca.core.model.authorization.Authorizer
A JavaBean handling the authorization in EJBCA. The main methods are isAthorized and authenticate. @version $Id: Authorizer.java 11526 2011-03-16 12:03:24Z netmackan $
org.nxplanner.security.auth.Authorizer
org.restlet.security.Authorizer
stlet.org/docs_2.1/113-restlet.html">User Guide - Authorization @author Jerome Louvel
ratpack.pac4j.Authorizer
An authorization strategy for integration with pac4j.
In particular, this allows control over which requests require authentication, the mechanism for performing access control, and the handling of authentication failures.
@see ratpack.pac4j.AbstractAuthorizer

Examples of org.apache.lenya.ac.Authorizer

                String type = authorizerConfigurations[i].getAttribute(TYPE_ATTRIBUTE);
                if (getLogger().isDebugEnabled()) {
                    getLogger().debug("Adding authorizer [" + type + "]");
                }


                Authorizer authorizer = (Authorizer) authorizerSelector.select(type);
                authorizerKeys.add(type);
                authorizers.put(type, authorizer);
                configureOrParameterize(authorizer, authorizerConfigurations[i]);
            }
        }

View Full Code Here

Examples of org.brixcms.rmiserver.jackrabbit.Authorizer

        if (repository == null) {
            throw new IllegalStateException(
                    "Could not find UserService implementation in spring context");
        }


        authorizer = new Authorizer(users);
        credentialsProvider = getCredentialsProvider();
    }

View Full Code Here

Examples of org.cometd.bayeux.server.Authorizer

        {
            public void configureChannel(ConfigurableServerChannel channel)
            {
                // Grant create and subscribe to all and publishes only to service channels
                channel.addAuthorizer(GrantAuthorizer.GRANT_CREATE_SUBSCRIBE);
                channel.addAuthorizer(new Authorizer()
                {
                    public Result authorize(Operation operation, ChannelId channel, ServerSession session, ServerMessage message)
                    {
                        if (operation == Operation.PUBLISH && channel.isService())
                            return Result.grant();

View Full Code Here

Examples of org.cometd.bayeux.server.Authorizer

        String channelName = "/test";
        bayeux.createChannelIfAbsent(channelName, new ConfigurableServerChannel.Initializer()
        {
            public void configureChannel(ConfigurableServerChannel channel)
            {
                channel.addAuthorizer(new Authorizer()
                {
                    public Result authorize(Operation operation, ChannelId channel, ServerSession session, ServerMessage message)
                    {
                        return Result.ignore();
                    }

View Full Code Here

Examples of org.cometd.bayeux.server.Authorizer

        String channelName = "/test/denied";
        bayeux.createChannelIfAbsent(channelName, new ConfigurableServerChannel.Initializer()
        {
            public void configureChannel(ConfigurableServerChannel channel)
            {
                channel.addAuthorizer(new Authorizer()
                {
                    public Result authorize(Operation operation, ChannelId channel, ServerSession session, ServerMessage message)
                    {
                        return Result.deny("test");
                    }

View Full Code Here

Examples of org.cometd.bayeux.server.Authorizer

        String channelName = "/test/granted";
        bayeux.createChannelIfAbsent(channelName, new ConfigurableServerChannel.Initializer()
        {
            public void configureChannel(final ConfigurableServerChannel channel)
            {
                channel.addAuthorizer(new Authorizer()
                {
                    public Result authorize(Operation operation, ChannelId channelId, ServerSession session, ServerMessage message)
                    {
                        channel.removeAuthorizer(this);
                        return Result.grant();

View Full Code Here

Examples of org.ejbca.core.model.authorization.Authorizer

    private static final String[] customaccessrules = EjbcaConfiguration.getCustomAvailableAccessRules();
    
    private Authorizer getAuthorizer() {
        if (authCache.getAuthorizer() == null) {
          final GlobalConfiguration config = globalConfigurationSession.getCachedGlobalConfiguration(Admin.getInternalAdmin());
            authCache.setAuthorizer(new Authorizer(getAdminGroups(), config.getEnableCommandLineInterface(), logSession, LogConstants.MODULE_AUTHORIZATION));
        }
        return authCache.getAuthorizer();
    }

View Full Code Here

Examples of org.nxplanner.security.auth.Authorizer

        firstWritableIteration.setStartDate(new Date(DAY));
        Iteration secondNonWritableIteration = newIteration(project2);
        
        commitCloseAndOpenSession();


        Authorizer authorizer = new AuthorizerImpl();
        IterationRepository dao = new IterationRepository(session, authorizer, person.getId());
        List list = dao.fetchEditableIterations();


        ArrayAssert.assertEquals("iterations returned", new Iteration[] {firstWritableIteration, secondWritableIteration}, list.toArray());
    }

View Full Code Here

Examples of org.nxplanner.security.auth.Authorizer

        expectedStories[1] = newUserStory(firstWritableIteration);
        expectedStories[3] = newUserStory(secondWritableIteration);


        commitCloseAndOpenSession();


        Authorizer authorizer = new AuthorizerImpl();
        UserStoryRepository dao = new UserStoryRepository(session, authorizer, person.getId());
        List list = dao.fetchEditableStories();


        ArrayAssert.assertEquals("stories returned", expectedStories, list.toArray());
    }

View Full Code Here

Examples of org.nxplanner.security.auth.Authorizer

        ThreadSession.set(session);


        boolean result = false;


        // exact match
        Authorizer authorizer = SystemAuthorizer.get();
        result = authorizer.
                hasPermission(projectId, personId, "system.project", 1, "testpermission");
        assertTrue("wrong result", result);


        // no match
        result = authorizer.
                hasPermission(projectId, personId, "system.project", 10, "testpermission");
        assertFalse("wrong result", result);


        // resource type wildcard, resourceId wildcard, permission name wildcard
        // viewer role
        result = authorizer.
                hasPermission(projectId, personId, "system.project.iteration.story", 10, "read.test");
        assertTrue("wrong result", result);


        // resource type wildcard, resourceId exact match, permission name wildcard
        // editor role
        result = authorizer.
                hasPermission(projectId, personId, "system.project.iteration.story", 10, "read.test");
        assertTrue("wrong result", result);


        // resource type wildcard, resourceId non match, permission name wildcard
        result = authorizer.
                hasPermission(projectId, personId, "system.project.iteration.story", 11, "write.test");
        assertFalse("wrong result", result);
    }

View Full Code Here

0 1 2 3

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.