JACC をサポートするインターフェース
WebSphere® Application Server には、PolicyConfigurationFactory および PolicyConfiguration インターフェースに類似した RoleConfigurationFactory および RoleConfiguration インターフェースが用意されており、 インストール時にバインディング・ファイルに格納されている情報をプロバイダーに伝搬できます。 これらのインターフェースの実装はオプションです。
RoleConfiguration インターフェース:
RoleConfiguration
- com.ibm.wsspi.security.authorization.RoleConfiguration
/**
* This interface is used to propagate the authorization table information
* in the binding file during application installation. Implementation of this interface is
* optional. When a JACC provider implements this interface during an application, both
* the policy and the authorization table information are propagated to the provider.
* If this is not implemented, only the policy information is propagated as per
* the JACC specification.
* @ibm-spi
* @ibm-support-class-A1
*/
public interface RoleConfiguration
/**
* Add the users to the role in RoleConfiguration.
* The role is created, if it does not exist in RoleConfiguration.
* @param role the role name.
* @param users the list of the user names.
* @exception RoleConfigurationException if the users cannot be added.
*/
public void addUsersToRole(String role, List users)
throws RoleConfigurationException
/**
* Remove the users to the role in RoleConfiguration.
* @param role the role name.
* @param users the list of the user names.
* @exception RoleConfigurationException if the users cannot be removed.
*/
public void removeUsersFromRole(String role, List users)
throws RoleConfigurationException
/**
* Add the groups to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @param groups the list of the group names.
* @exception RoleConfigurationException if the groups cannot be added.
*/
public void addGroupsToRole(String role, List groups)
throws RoleConfigurationException
/**
* Remove the groups to the role in RoleConfiguration.
* @param role the role name.
* @param groups the list of the group names.
* @exception RoleConfigurationException if the groups cannot be removed.
*/
public void removeGroupsFromRole( String role, List groups)
throws RoleConfigurationException
/**
* Add the everyone to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the everyone cannot be added.
*/
public void addEveryoneToRole(String role)
throws RoleConfigurationException
/**
* Remove the everyone to the role in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the everyone cannot be removed.
*/
public void removeEveryoneFromRole( String role)
throws RoleConfigurationException
/**
* Add the all authenticated users to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the authentication users cannot
* be added.
*/
public void addAuthenticatedUsersToRole(String role)
throws RoleConfigurationException
/**
* Remove the all authenticated users to the role in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the authentication users cannot
* be removed.
*/
public void removeAuthenticatedUsersFromRole( String role)
throws RoleConfigurationException
/**
* This commits the changes in Roleconfiguration.
* @exception RoleConfigurationException if the changes cannot be
* committed.
*/
public void commit( )
throws RoleConfigurationException
/**
* This deletes the RoleConfiguration from the RoleConfiguration Factory.
* @exception RoleConfigurationException if the RoleConfiguration cannot
* be deleted.
*/
public void delete( )
throws RoleConfigurationException
/**
* This returns the contextID of the RoleConfiguration.
* @exception RoleConfigurationException if the contextID cannot be
* obtained.
*/
public String getContextID( )
throws RoleConfigurationException
RoleConfigurationFactory インターフェース:
RoleConfigurationFactory
- com.ibm.wsspi.security.authorization.RoleConfigurationFactory
/**
* This interface is used to instantiate the com.ibm.wsspi.security.authorization.RoleConfiguration
* objects based on the context identifier similar to the policy context identifier.
* Implementation of this interface is required only if the RoleConfiguration interface is implemented.
*
* @ibm-spi
* @ibm-support-class-A1
*/
public interface RoleConfigurationFactory
/**
* This gets a RoleConfiguration with contextID from the
* RoleConfigurationfactory. If the RoleConfiguration does not exist
* for the contextID in the RoleConfigurationFactory, a new
* RoleConfiguration with contextID is created in the
* RoleConfigurationFactory. The contextID is similar to
* PolicyContextID, but it does not contain the module name.
* If remove is true, the old RoleConfiguration is removed and a new
* RoleConfiguration is created, and returns with the contextID.
* @return the RoleConfiguration object for this contextID
* @param contextID the context ID of RoleConfiguration
* @param remove true or false
* @exception RoleConfigurationException if RoleConfiguration
* cannot be obtained.
**/
public abstract com.ibm.ws.security.policy.RoleConfiguration
getRoleConfiguration(String contextID, boolean remove)
throws RoleConfigurationException
InitializeJACCProvider プロバイダー:
プロバイダー によって実装された場合、このインターフェースは JACC プロバイダーが許可のために使用される可能性があるすべてのプロセスによって呼び出されます。 許可検査中に入力されるすべての追加プロパティーは、プロバイダーに渡されます。 例えば、プロバイダーはこの情報を使って、サーバーやリポジトリーと通信するためのクライアント・コードを初期化することができます。 サーバーのシャットダウン中に、クリーンアップ・メソッドが呼び出されて構成をクリーンアップします。
宣言:
パブリック・インターフェース InitializeJACCProvider
説明:
このインターフェースは 2 つのメソッドを有しています。 JACC プロバイダーはこのインターフェースを実装することができ、WebSphere Application Server はこれを呼び出して JACC プロバイダーを初期化します。 実装クラス名は、initializeJACCProviderClassName システム・プロパティーの値から入手します。
InitializeJACCProvider
- com.ibm.wsspi.security.authorization.InitializeJACCProvider
/**
* Initializes the JACC provider
* @return 0 for success.
* @param props the custom properties that are included for this provider will
* pass to the implementation class.
* @exception Exception for any problems encountered.
**/
public int initialize(java.util.Properties props)
throws Exception
/**
* This method is for the JACC provider cleanup and will be called during a process stop.
**/
public void cleanup()