Overview  Package   Class  Deprecated  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.exist.security.xacml
Class UserAttributeModule

java.lang.Object
  extended by com.sun.xacml.finder.AttributeFinderModule
      extended by org.exist.security.xacml.UserAttributeModule

public class UserAttributeModule
extends AttributeFinderModule

This class looks up attributes for a Subject with a subject-category of access-subject. The currently supported attributes are user name and groups. This is a possible implementation point for LDAP lookup if this is desired in the future.

Constructor Summary
UserAttributeModule(ExistPDP pdp)
          Creates an AttributeFinderModule capable of retrieving attributes for a User.
 
Method Summary
 EvaluationResult findAttribute(URI attributeType, URI attributeId, URI issuer, URI subjectCategory, EvaluationCtx context, int designatorType)
           
 Set getSupportedDesignatorTypes()
          Returns a Set containing AttributeDesignator.SUBJECT_TARGET to indicate that this module only supports Subjects.
 Set getSupportedIds()
          A Set containing the URIs user name and groups to indicate that these are the only attributes supported by this module.
 boolean isDesignatorSupported()
          Indicates support of looking up attributes by data supplied by an AttributeDesignator element, specifically, a SubjectAttributeDesignator element.
 
Methods inherited from class com.sun.xacml.finder.AttributeFinderModule
findAttribute, getIdentifier, invalidateCache, isSelectorSupported
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

UserAttributeModule

public UserAttributeModule(ExistPDP pdp)
Creates an AttributeFinderModule capable of retrieving attributes for a User.

Parameters:
pdp - The ExistPDP that is used to obtain information about a given User.
Method Detail

findAttribute

public EvaluationResult findAttribute(URI attributeType,
                                      URI attributeId,
                                      URI issuer,
                                      URI subjectCategory,
                                      EvaluationCtx context,
                                      int designatorType)
Overrides:
findAttribute in class AttributeFinderModule

isDesignatorSupported

public boolean isDesignatorSupported()
Indicates support of looking up attributes by data supplied by an AttributeDesignator element, specifically, a SubjectAttributeDesignator element.

Overrides:
isDesignatorSupported in class AttributeFinderModule
Returns:
true to indicate that this module supports this method of looking up attributes

getSupportedDesignatorTypes

public Set getSupportedDesignatorTypes()
Returns a Set containing AttributeDesignator.SUBJECT_TARGET to indicate that this module only supports Subjects.

Overrides:
getSupportedDesignatorTypes in class AttributeFinderModule
Returns:
A Set indicating the supported designator type.

getSupportedIds

public Set getSupportedIds()
A Set containing the URIs user name and groups to indicate that these are the only attributes supported by this module.

Overrides:
getSupportedIds in class AttributeFinderModule
Returns:
A Set indicating the supported attribute ids.
Overview  Package   Class  Deprecated  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright (C) Wolfgang Meier. All rights reserved.