[jboss-cvs] JBossAS SVN: r64453 - in projects/security/security-spi/trunk/src/main/org/jboss/security: identitytrust and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Aug 3 12:44:07 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-08-03 12:44:07 -0400 (Fri, 03 Aug 2007)
New Revision: 64453
Added:
projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/
projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustContext.java
projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustException.java
projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustManager.java
projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustModule.java
Modified:
projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContext.java
Log:
SECURITY-59:IdentityTrustManager framework to make initial trust based decisions
Modified: projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContext.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContext.java 2007-08-03 15:54:07 UTC (rev 64452)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContext.java 2007-08-03 16:44:07 UTC (rev 64453)
@@ -10,6 +10,7 @@
import java.util.Map;
import org.jboss.security.audit.AuditManager;
+import org.jboss.security.identitytrust.IdentityTrustManager;
import org.jboss.security.mapping.MappingManager;
@@ -42,6 +43,12 @@
public AuditManager getAuditManager();
/**
+ * IdentityTrustManager configured for the security domain
+ * @return
+ */
+ public IdentityTrustManager getIdentityTrustManager();
+
+ /**
* Context Map
*/
public Map<String,Object> getData();
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustContext.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustContext.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustContext.java 2007-08-03 16:44:07 UTC (rev 64453)
@@ -0,0 +1,61 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.identitytrust;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.identitytrust.IdentityTrustManager.TrustDecision;
+
+//$Id$
+
+/**
+ * Identity Trust Context that encloses multiple
+ * IdentityTrustModules making trust decisions
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 2, 2007
+ * @version $Revision$
+ */
+public abstract class IdentityTrustContext
+{
+ protected TrustDecision DENY = TrustDecision.Deny;
+ protected TrustDecision PERMIT = TrustDecision.Permit;
+ protected TrustDecision NOTAPPLICABLE = TrustDecision.NotApplicable;
+
+ protected SecurityContext securityContext;
+ protected CallbackHandler callbackHandler;
+ protected Map sharedState = new HashMap();
+
+ protected List<IdentityTrustModule> modules = new ArrayList<IdentityTrustModule>();
+
+ /**
+ * Control Flags for the individual modules
+ */
+ protected ArrayList controlFlags = new ArrayList();
+
+ public abstract TrustDecision isTrusted() throws IdentityTrustException;
+}
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustException.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustException.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustException.java 2007-08-03 16:44:07 UTC (rev 64453)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.identitytrust;
+
+import java.security.GeneralSecurityException;
+
+//$Id$
+
+/**
+ * Identity Trust Exception
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 2, 2007
+ * @version $Revision$
+ */
+public class IdentityTrustException extends GeneralSecurityException
+{
+ private static final long serialVersionUID = 1L;
+
+ public IdentityTrustException()
+ {
+ super();
+ }
+
+ public IdentityTrustException(String msg, Throwable t)
+ {
+ super(msg, t);
+ }
+
+ public IdentityTrustException(String msg)
+ {
+ super(msg);
+ }
+
+ public IdentityTrustException(Throwable t)
+ {
+ super(t);
+ }
+}
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustManager.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustManager.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustManager.java 2007-08-03 16:44:07 UTC (rev 64453)
@@ -0,0 +1,38 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.identitytrust;
+
+//$Id$
+
+/**
+ * Interface representing the trust manager
+ * for determining Identity
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 2, 2007
+ * @version $Revision$
+ */
+public interface IdentityTrustManager
+{
+ public enum TrustDecision{Permit,Deny,NotApplicable};
+
+ TrustDecision isTrusted();
+}
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustModule.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustModule.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustModule.java 2007-08-03 16:44:07 UTC (rev 64453)
@@ -0,0 +1,75 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.identitytrust;
+
+import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.identitytrust.IdentityTrustManager.TrustDecision;
+
+
+//$Id$
+
+/**
+ * IdentityTrustModule that is capable of making trust decisions
+ * @author Anil.Saldhana at redhat.com
+ * @since Aug 2, 2007
+ * @version $Revision$
+ */
+public interface IdentityTrustModule
+{
+ /**
+ * Abort the Trust Process
+ * @return true -abort process succeeded
+ */
+ boolean abort() throws IdentityTrustException;
+
+ /**
+ * The IdentityTrust Process has succeeded. The module
+ * can commit its decision (maybe to a Database)
+ * @return - commit process succeeded
+ * @throws IdentityTrustException
+ */
+ boolean commit() throws IdentityTrustException;
+
+ /**
+ * Initialize the module with the SecurityContext
+ * on which trust decisions will be made
+ * @param securityContext
+ * @param handler a CallbackHandler if needed
+ * @param sharedState a Shared State passed to all modules
+ * @param options configured options
+ * @throws IdentityTrustException
+ */
+ void initialize(SecurityContext securityContext, CallbackHandler handler,
+ Map sharedState, Map options) throws IdentityTrustException;
+
+ /**
+ * Make the trust decision
+ * @return {@link TrustDecision#Permit}, {@link TrustDecision#Deny},
+ * {@link TrustDecision#NotApplicable}
+ * @throws IdentityTrustException
+ */
+ TrustDecision isTrusted() throws IdentityTrustException;
+}
More information about the jboss-cvs-commits
mailing list