JACC를 지원하는 인터페이스
WebSphere® Application Server는 바인딩 파일에 저장되는 정보가 설치 중에 제공자에게 전달될 수 있도록 PolicyConfigurationFactory 및 PolicyConfiguration 인터페이스와 유사한 RoleConfigurationFactory 및 the RoleConfiguration 인터페이스를 제공합니다. 이러한 인터페이스의 구현은 선택적입니다.
RoleConfiguration 인터페이스:
RoleConfiguration
인터페이스를 사용하여 권한 정보를 제공자에게 전파합니다.
이 인터페이스는 JACC(Java™ Authorization Contact for Containers)에서
찾을 수 있는 PolicyConfiguration 인터페이스와 유사합니다.
RoleConfiguration
- com.ibm.wsspi.security.authorization.RoleConfiguration
/**
* This interface is used to propagate the authorization table information
* in the binding file during application installation. Implementation of this interface is
* optional. When a JACC provider implements this interface during an application, both
* the policy and the authorization table information are propagated to the provider.
* If this is not implemented, only the policy information is propagated as per
* the JACC specification.
* @ibm-spi
* @ibm-support-class-A1
*/
public interface RoleConfiguration
/**
* Add the users to the role in RoleConfiguration.
* The role is created, if it does not exist in RoleConfiguration.
* @param role the role name.
* @param users the list of the user names.
* @exception RoleConfigurationException if the users cannot be added.
*/
public void addUsersToRole(String role, List users)
throws RoleConfigurationException
/**
* Remove the users to the role in RoleConfiguration.
* @param role the role name.
* @param users the list of the user names.
* @exception RoleConfigurationException if the users cannot be removed.
*/
public void removeUsersFromRole(String role, List users)
throws RoleConfigurationException
/**
* Add the groups to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @param groups the list of the group names.
* @exception RoleConfigurationException if the groups cannot be added.
*/
public void addGroupsToRole(String role, List groups)
throws RoleConfigurationException
/**
* Remove the groups to the role in RoleConfiguration.
* @param role the role name.
* @param groups the list of the group names.
* @exception RoleConfigurationException if the groups cannot be removed.
*/
public void removeGroupsFromRole( String role, List groups)
throws RoleConfigurationException
/**
* Add the everyone to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the everyone cannot be added.
*/
public void addEveryoneToRole(String role)
throws RoleConfigurationException
/**
* Remove the everyone to the role in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the everyone cannot be removed.
*/
public void removeEveryoneFromRole( String role)
throws RoleConfigurationException
/**
* Add the all authenticated users to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the authentication users cannot
* be added.
*/
public void addAuthenticatedUsersToRole(String role)
throws RoleConfigurationException
/**
* Remove the all authenticated users to the role in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the authentication users cannot
* be removed.
*/
public void removeAuthenticatedUsersFromRole( String role)
throws RoleConfigurationException
/**
* This commits the changes in Roleconfiguration.
* @exception RoleConfigurationException if the changes cannot be
* committed.
*/
public void commit( )
throws RoleConfigurationException
/**
* This deletes the RoleConfiguration from the RoleConfiguration Factory.
* @exception RoleConfigurationException if the RoleConfiguration cannot
* be deleted.
*/
public void delete( )
throws RoleConfigurationException
/**
* This returns the contextID of the RoleConfiguration.
* @exception RoleConfigurationException if the contextID cannot be
* obtained.
*/
public String getContextID( )
throws RoleConfigurationException
RoleConfigurationFactory 인터페이스:
RoleConfigurationFactory
인터페이스는 JACC에 의해 소개된 PolicyConfigurationFactory 인터페이스와 유사하고
contextID ID를 기반으로 RoleConfiguration 오브젝트를 얻는 데 사용됩니다.
RoleConfigurationFactory
- com.ibm.wsspi.security.authorization.RoleConfigurationFactory
/**
* This interface is used to instantiate the com.ibm.wsspi.security.authorization.RoleConfiguration
* objects based on the context identifier similar to the policy context identifier.
* Implementation of this interface is required only if the RoleConfiguration interface is implemented.
*
* @ibm-spi
* @ibm-support-class-A1
*/
public interface RoleConfigurationFactory
/**
* This gets a RoleConfiguration with contextID from the
* RoleConfigurationfactory. If the RoleConfiguration does not exist
* for the contextID in the RoleConfigurationFactory, a new
* RoleConfiguration with contextID is created in the
* RoleConfigurationFactory. The contextID is similar to
* PolicyContextID, but it does not contain the module name.
* If remove is true, the old RoleConfiguration is removed and a new
* RoleConfiguration is created, and returns with the contextID.
* @return the RoleConfiguration object for this contextID
* @param contextID the context ID of RoleConfiguration
* @param remove true or false
* @exception RoleConfigurationException if RoleConfiguration
* cannot be obtained.
**/
public abstract com.ibm.ws.security.policy.RoleConfiguration
getRoleConfiguration(String contextID, boolean remove)
throws RoleConfigurationException
InitializeJACCProvider 제공자:
제공자에 의해 구현되는 경우 이 인터페이스는 권한 부여를 위해 JACC 제공자를 사용할 수 있는 모든 프로세스에 의해 호출됩니다. 권한 확인 중에 입력되는 모든 추가 특성은 제공자에게 전달됩니다. 예를 들어, 제공자는 이 정보를 사용하여 해당 서버 또는 저장소와 통신하기 위해 클라이언트 코드를 초기화할 수 있습니다. 서버 시스템 종료 중 정리 메소드가 호출되어 구성을 정리합니다.
선언:
공용 인터페이스 InitializeJACCProvider
설명:
이 인터페이스에는 두 개의 메소드가 있습니다. JACC 제공자는 이 인터페이스를 구현할 수 있고 WebSphere Application Server는 이를 호출하여 JACC 제공자를 초기화합니다. 구현 클래스의 이름은 initializeJACCProviderClassName 시스템 특성의 값에서 얻습니다.
이 클래스는 이 제공자를 사용하는 각 서버의 클래스 경로에 있는 JAR(Java Archive) 파일에 상주해야 합니다.
InitializeJACCProvider
- com.ibm.wsspi.security.authorization.InitializeJACCProvider
/**
* Initializes the JACC provider
* @return 0 for success.
* @param props the custom properties that are included for this provider will
* pass to the implementation class.
* @exception Exception for any problems encountered.
**/
public int initialize(java.util.Properties props)
throws Exception
/**
* This method is for the JACC provider cleanup and will be called during a process stop.
**/
public void cleanup()