Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/java.security.sasl/share/classes/javax/security/sasl/AuthorizeCallback.java
changeset 47216 71c04702a3d5
parent 25859 3317bb8137f4 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.security.sasl/share/classes/javax/security/sasl/AuthorizeCallback.java	Tue Sep 12 19:03:39 2017 +0200
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package javax.security.sasl;
+
+import javax.security.auth.callback.Callback;
+
+/**
+  * This callback is used by {@code SaslServer} to determine whether
+  * one entity (identified by an authenticated authentication id)
+  * can act on
+  * behalf of another entity (identified by an authorization id).
+  *
+  * @since 1.5
+  *
+  * @author Rosanna Lee
+  * @author Rob Weltman
+  */
+public class AuthorizeCallback implements Callback, java.io.Serializable {
+    /**
+     * The (authenticated) authentication id to check.
+     * @serial
+     */
+    private String authenticationID;
+
+    /**
+     * The authorization id to check.
+     * @serial
+     */
+    private String authorizationID;
+
+    /**
+     * The id of the authorized entity. If null, the id of
+     * the authorized entity is authorizationID.
+     * @serial
+     */
+    private String authorizedID;
+
+    /**
+     * A flag indicating whether the authentication id is allowed to
+     * act on behalf of the authorization id.
+     * @serial
+     */
+    private boolean authorized;
+
+    /**
+     * Constructs an instance of {@code AuthorizeCallback}.
+     *
+     * @param authnID   The (authenticated) authentication id.
+     * @param authzID   The authorization id.
+     */
+    public AuthorizeCallback(String authnID, String authzID) {
+        authenticationID = authnID;
+        authorizationID = authzID;
+    }
+
+    /**
+     * Returns the authentication id to check.
+     * @return The authentication id to check.
+     */
+    public String getAuthenticationID() {
+        return authenticationID;
+    }
+
+    /**
+     * Returns the authorization id to check.
+     * @return The authentication id to check.
+     */
+    public String getAuthorizationID() {
+        return authorizationID;
+    }
+
+    /**
+     * Determines whether the authentication id is allowed to
+     * act on behalf of the authorization id.
+     *
+     * @return {@code true} if authorization is allowed; {@code false} otherwise
+     * @see #setAuthorized(boolean)
+     * @see #getAuthorizedID()
+     */
+    public boolean isAuthorized() {
+        return authorized;
+    }
+
+    /**
+     * Sets whether the authorization is allowed.
+     * @param ok {@code true} if authorization is allowed; {@code false} otherwise
+     * @see #isAuthorized
+     * @see #setAuthorizedID(java.lang.String)
+     */
+    public void setAuthorized(boolean ok) {
+        authorized = ok;
+    }
+
+    /**
+     * Returns the id of the authorized user.
+     * @return The id of the authorized user. {@code null} means the
+     * authorization failed.
+     * @see #setAuthorized(boolean)
+     * @see #setAuthorizedID(java.lang.String)
+     */
+    public String getAuthorizedID() {
+        if (!authorized) {
+            return null;
+        }
+        return (authorizedID == null) ? authorizationID : authorizedID;
+    }
+
+    /**
+     * Sets the id of the authorized entity. Called by handler only when the id
+     * is different from getAuthorizationID(). For example, the id
+     * might need to be canonicalized for the environment in which it
+     * will be used.
+     * @param id The id of the authorized user.
+     * @see #setAuthorized(boolean)
+     * @see #getAuthorizedID
+     */
+    public void setAuthorizedID(String id) {
+        authorizedID = id;
+    }
+
+    private static final long serialVersionUID = -2353344186490470805L;
+}
jdk-sandbox