Examples of Authorizer

net.webpasswordsafe.server.plugin.authorization.Authorizer
@author Josh Drummond
org.apache.derby.iapi.sql.conn.Authorizer
The Authorizer verifies a connected user has the authorization to perform a requested database operation using the current connection.
Today no object based authorization is supported.
org.apache.geronimo.tomcat.security.Authorizer
@version $Rev: 794752 $ $Date: 2009-07-17 01:03:50 +0800 (Fri, 17 Jul 2009) $
org.apache.lenya.ac.Authorizer
An Authorizer checks if an Identity is authorized to invoke a certain request. @version $Id: Authorizer.java 473841 2006-11-12 00:46:38Z gregor $
org.brixcms.rmiserver.jackrabbit.Authorizer
Authorizes {@link Credentials} for given {@link Role} @author ivaynberg
org.cometd.bayeux.server.Authorizer
t subscribe to all channel.addAuthorizer(GrantAuthorizer.GRANT_SUBSCRIBE); // Grant publishes only to CNN employees channel.addAuthorizer(new Authorizer() { public Result authorize(Operation operation, ChannelId channel, ServerSession session, ServerMessage message) { if (operation == Operation.PUBLISH && session.getAttribute("isCNNEmployee") == Boolean.TRUE) return Result.grant(); else return Result.ignore(); } }); } });
A typical usage of authorizers is as follows:
- Create a wildcard authorizer that matches all channels and neither grants or denies (e.g. use {@code org.cometd.server.authorizer.GrantAuthorizer.GRANT_NONE}). This authorizer can be added to channel /** or to a more specific channel for your application such as /game/**. This ensures that authorizers set is not empty and that another authorizer must explicitly grant access.
- For public channels, that all users can access, add authorizers that will simply grant publish and/or subscribe permissions to the specific or wildcard channels.
- For access controlled channels (e.g. only nominated players can publish to a game channel), then specific implementation of authorizers need to be created that will check identities and possibly other state before granting permission. Typically there is no need for such authorizers to explicitly deny access, unless that attempted access represents a specific error condition that needs to be passed to the client in the message associated with a deny.
- For cross cutting concerns, such as checking a users credit or implementing user bans, authorizers can be created to explicitly deny access, without the need to modify all authorizers already in place that may grant.
@see SecurityPolicy
org.ejbca.core.model.authorization.Authorizer
A JavaBean handling the authorization in EJBCA. The main methods are isAthorized and authenticate. @version $Id: Authorizer.java 11526 2011-03-16 12:03:24Z netmackan $
org.nxplanner.security.auth.Authorizer
org.restlet.security.Authorizer
stlet.org/docs_2.1/113-restlet.html">User Guide - Authorization @author Jerome Louvel
ratpack.pac4j.Authorizer
An authorization strategy for integration with pac4j.
In particular, this allows control over which requests require authentication, the mechanism for performing access control, and the handling of authentication failures.
@see ratpack.pac4j.AbstractAuthorizer

Examples of net.webpasswordsafe.server.plugin.authorization.Authorizer

    
    @SuppressWarnings("unchecked")
    private boolean isAuthorized(HttpServletRequest req, String action)
    {
        boolean isAuthorized = false;
        Authorizer authorizer = (Authorizer)WebApplicationContextUtils.getWebApplicationContext(getServletContext()).getBean("authorizer");
        User user = new User();
        user.setUsername((String)req.getSession().getAttribute(Constants.SESSION_KEY_USERNAME));
        user.setRoles((Set<Constants.Role>)req.getSession().getAttribute(Constants.SESSION_KEY_ROLES));
        try
        {
            isAuthorized = authorizer.isAuthorized(user, action);
        }
        catch (Exception e)
        {
            isAuthorized = false;
        }

View Full Code Here

Examples of org.apache.derby.iapi.sql.conn.Authorizer

  public static void setDatabaseProperty(String key, String value) throws SQLException
  {
    LanguageConnectionContext lcc = ConnectionUtil.getCurrentLCC();


    try {
    Authorizer a = lcc.getAuthorizer();
    a.authorize((Activation) null, Authorizer.PROPERTY_WRITE_OP);


        // Get the current transaction controller
        TransactionController tc = lcc.getTransactionExecute();


    tc.setProperty(key, value, false);

View Full Code Here

Examples of org.apache.derby.iapi.sql.conn.Authorizer

  public static void setDatabaseProperty(String key, String value) throws SQLException
  {
    LanguageConnectionContext lcc = ConnectionUtil.getCurrentLCC();


    try {
    Authorizer a = lcc.getAuthorizer();
    a.authorize((Activation) null, Authorizer.PROPERTY_WRITE_OP);


        // Get the current transaction controller
        TransactionController tc = lcc.getTransactionExecute();


    tc.setProperty(key, value, false);

View Full Code Here

Examples of org.apache.derby.iapi.sql.conn.Authorizer

    LanguageConnectionContext lcc = ConnectionUtil.getCurrentLCC();


    try {
            SecurityUtil.authorize( Securable.SET_DATABASE_PROPERTY );
            
    Authorizer a = lcc.getAuthorizer();
    a.authorize((Activation) null, Authorizer.PROPERTY_WRITE_OP);


        // Get the current transaction controller
        TransactionController tc = lcc.getTransactionExecute();


    tc.setProperty(key, value, false);

View Full Code Here

Examples of org.apache.derby.iapi.sql.conn.Authorizer

        LanguageConnectionContext lcc = (LanguageConnectionContext)
        ContextService.getContextOrNull( LanguageConnectionContext.CONTEXT_ID );


        if ( lcc.usesSqlAuthorization() )
        {
            Authorizer   authorizer = lcc.getAuthorizer();


            DataDictionary dd = lcc.getDataDictionary();
            AliasDescriptor ad = dd.getRoutineList
                (
                 operation.routineSchemaID,
                 operation.routineName,
                 operation.routineType
                 ).get( 0 );
            ArrayList<StatementPermission>   requiredPermissions = new ArrayList<StatementPermission>();
            StatementRoutinePermission  executePermission = new StatementRoutinePermission( ad.getObjectID() );


            requiredPermissions.add( executePermission );


            authorizer.authorize( requiredPermissions, lcc.getLastActivation() );
        }
    }

View Full Code Here

Examples of org.apache.derby.iapi.sql.conn.Authorizer

            if ( authorizationCheck != null )
            {
                SecurityUtil.authorize( authorizationCheck );
            }
            
            Authorizer a = lcc.getAuthorizer();
            a.authorize((Activation) null, Authorizer.PROPERTY_WRITE_OP);


            // Get the current transaction controller
            TransactionController tc = lcc.getTransactionExecute();


            tc.setProperty(key, value, false);

View Full Code Here

Examples of org.apache.derby.iapi.sql.conn.Authorizer

  public static void setDatabaseProperty(String key, String value) throws SQLException
  {
    LanguageConnectionContext lcc = ConnectionUtil.getCurrentLCC();


    try {
    Authorizer a = lcc.getAuthorizer();
    a.authorize(Authorizer.PROPERTY_WRITE_OP);


        // Get the current transaction controller
        TransactionController tc = lcc.getTransactionExecute();


    tc.setProperty(key, value, false);

View Full Code Here

Examples of org.apache.derby.iapi.sql.conn.Authorizer

  public static void setDatabaseProperty(String key, String value) throws SQLException
  {
    LanguageConnectionContext lcc = ConnectionUtil.getCurrentLCC();


    try {
    Authorizer a = lcc.getAuthorizer();
    a.authorize((Activation) null, Authorizer.PROPERTY_WRITE_OP);


        // Get the current transaction controller
        TransactionController tc = lcc.getTransactionExecute();


    tc.setProperty(key, value, false);

View Full Code Here

Examples of org.apache.derby.iapi.sql.conn.Authorizer

  public static void setDatabaseProperty(String key, String value) throws SQLException
  {
    LanguageConnectionContext lcc = ConnectionUtil.getCurrentLCC();


    try {
    Authorizer a = lcc.getAuthorizer();
    a.authorize(Authorizer.PROPERTY_WRITE_OP);


        // Get the current transaction controller
        TransactionController tc = lcc.getTransactionExecute();


    tc.setProperty(key, value, false);

View Full Code Here

Examples of org.apache.geronimo.tomcat.security.Authorizer

        } else {
            authenticator = new NoneAuthenticator(unauthenticatedIdentity);
        }


        AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject,  null, null);
        Authorizer authorizer = createAuthorizer(defaultAcc);


        SecurityValve securityValve = new JACCSecurityValve(authenticator, authorizer, identityService, policyContextId);


        geronimoContext.addValve(securityValve);
        if (log.isDebugEnabled()) {

View Full Code Here

0 1 2 3

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.