public interface Authorizer
Authorizer is an interface for identity service
to check authorization of a WSC.| Modifier and Type | Method and Description |
|---|---|
Object |
getAuthorizationDecision(Object credential,
String action,
Object data,
Map env)
Returns authorization decision for the given action(query or modify)
and to the given select data
|
boolean |
isAuthorized(Object credential,
String action,
Object data,
Map env)
Checks if the
WSC is authorized to query or modify the
select data. |
boolean isAuthorized(Object credential, String action, Object data, Map env)
WSC is authorized to query or modify the
select data.credential - credential of a WSC.action - request action.data - Object who is being accessed.env - A Map contains information useful for policy evaluation.
The following key is defined and its value should be
passed in:
Key: USER_ID
Value: id of the user whose resource is being accessed.
Key: AUTH_TYPE
Value: The authentication mechanism WSC used.
Key: MESSAGE
Value:
com.sun.identity.liberty.ws.soapbinding.Message
.WSC is authorized.Object getAuthorizationDecision(Object credential, String action, Object data, Map env) throws Exception
credential - credential of a WSC.action - request action.data - Object who is being accessed.env - A Map contains information useful for policy evaluation.
The following key is defined and its value should be passed in:
Key: USER_ID
Value: id of the user whose resource is being accessed.
Key: AUTH_TYPE
Value: The authentication mechanism WSC used.
Key: MESSAGE
Value:
com.sun.identity.liberty.ws.soapbinding.Message.AuthorizationDecision object contains authorization
decision information for the given resource.Exception - If there was an error while obtaining the authorization decision.Copyright © 2010-2018, ForgeRock All Rights Reserved.