支持 JACC 的接口
WebSphere® Application Server 提供 RoleConfigurationFactory 和 RoleConfiguration 接口,它们类似于 PolicyConfigurationFactory 和 PolicyConfiguration 的接口,因此存储在绑定文件中的信息可以在安装期间传播给提供程序。这些接口的实现是可选的。
RoleConfiguration 接口:
RoleConfiguration 接口
用于将授权信息传播给提供程序。此接口类似于在 Java™ Authorization Contact for Containers (JACC) 中找到的 PolicyConfiguration 接口。
RoleConfiguration
- com.ibm.wsspi.security.authorization.RoleConfiguration
/**
* This interface is used to propagate the authorization table information
* in the binding file during application installation. Implementation of this interface is
* optional. When a JACC provider implements this interface during an application, both
* the policy and the authorization table information are propagated to the provider.
* If this is not implemented, only the policy information is propagated as per
* the JACC specification.
* @ibm-spi
* @ibm-support-class-A1
*/
public interface RoleConfiguration
/**
* Add the users to the role in RoleConfiguration.
* The role is created, if it does not exist in RoleConfiguration.
* @param role the role name.
* @param users the list of the user names.
* @exception RoleConfigurationException if the users cannot be added.
*/
public void addUsersToRole(String role, List users)
throws RoleConfigurationException
/**
* Remove the users to the role in RoleConfiguration.
* @param role the role name.
* @param users the list of the user names.
* @exception RoleConfigurationException if the users cannot be removed.
*/
public void removeUsersFromRole(String role, List users)
throws RoleConfigurationException
/**
* Add the groups to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @param groups the list of the group names.
* @exception RoleConfigurationException if the groups cannot be added.
*/
public void addGroupsToRole(String role, List groups)
throws RoleConfigurationException
/**
* Remove the groups to the role in RoleConfiguration.
* @param role the role name.
* @param groups the list of the group names.
* @exception RoleConfigurationException if the groups cannot be removed.
*/
public void removeGroupsFromRole( String role, List groups)
throws RoleConfigurationException
/**
* Add the everyone to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the everyone cannot be added.
*/
public void addEveryoneToRole(String role)
throws RoleConfigurationException
/**
* Remove the everyone to the role in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the everyone cannot be removed.
*/
public void removeEveryoneFromRole( String role)
throws RoleConfigurationException
/**
* Add the all authenticated users to the role in RoleConfiguration.
* The role is created if it does not exist in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the authentication users cannot
* be added.
*/
public void addAuthenticatedUsersToRole(String role)
throws RoleConfigurationException
/**
* Remove the all authenticated users to the role in RoleConfiguration.
* @param role the role name.
* @exception RoleConfigurationException if the authentication users cannot
* be removed.
*/
public void removeAuthenticatedUsersFromRole( String role)
throws RoleConfigurationException
/**
* This commits the changes in Roleconfiguration.
* @exception RoleConfigurationException if the changes cannot be
* committed.
*/
public void commit( )
throws RoleConfigurationException
/**
* This deletes the RoleConfiguration from the RoleConfiguration Factory.
* @exception RoleConfigurationException if the RoleConfiguration cannot
* be deleted.
*/
public void delete( )
throws RoleConfigurationException
/**
* This returns the contextID of the RoleConfiguration.
* @exception RoleConfigurationException if the contextID cannot be
* obtained.
*/
public String getContextID( )
throws RoleConfigurationException
RoleConfigurationFactory 接口:
RoleConfigurationFactory 接口类似于由 JACC 引入的 PolicyConfigurationFactory 接口,而且用于获取基于 contextID 的 RoleConfiguration 对象。
RoleConfigurationFactory
- com.ibm.wsspi.security.authorization.RoleConfigurationFactory
/**
* This interface is used to instantiate the com.ibm.wsspi.security.authorization.RoleConfiguration
* objects based on the context identifier similar to the policy context identifier.
* Implementation of this interface is required only if the RoleConfiguration interface is implemented.
*
* @ibm-spi
* @ibm-support-class-A1
*/
public interface RoleConfigurationFactory
/**
* This gets a RoleConfiguration with contextID from the
* RoleConfigurationfactory. If the RoleConfiguration does not exist
* for the contextID in the RoleConfigurationFactory, a new
* RoleConfiguration with contextID is created in the
* RoleConfigurationFactory. The contextID is similar to
* PolicyContextID, but it does not contain the module name.
* If remove is true, the old RoleConfiguration is removed and a new
* RoleConfiguration is created, and returns with the contextID.
* @return the RoleConfiguration object for this contextID
* @param contextID the context ID of RoleConfiguration
* @param remove true or false
* @exception RoleConfigurationException if RoleConfiguration
* cannot be obtained.
**/
public abstract com.ibm.ws.security.policy.RoleConfiguration
getRoleConfiguration(String contextID, boolean remove)
throws RoleConfigurationException
InitializeJACCProvider 提供程序:
当提供程序实现了此接口时,此接口由 JACC 提供程序可用于授权的每个进程调用此接口。将在授权检查期间输入的所有其他属性传递给提供程序。例如,提供程序可以使用此信息初始化客户机代码以与服务器或存储库通信。在服务器关闭期间调用 cleanup 方法,以清除配置。
声明:
公共接口 InitializeJACCProvider
描述:
此接口有两种 方法。JACC 提供程序可以实现该接口,并且 WebSphere Application Server 调用它以初始化 JACC 提供程序。从 initializeJACCProviderClassName 系统属性的值获取实现类的名称。
此类必须位于使用此提供程序的每个服务器类路径上的 Java 归档 (JAR) 文件中。
InitializeJACCProvider
- com.ibm.wsspi.security.authorization.InitializeJACCProvider
/**
* Initializes the JACC provider
* @return 0 for success.
* @param props the custom properties that are included for this provider will
* pass to the implementation class.
* @exception Exception for any problems encountered.
**/
public int initialize(java.util.Properties props)
throws Exception
/**
* This method is for the JACC provider cleanup and will be called during a process stop.
**/
public void cleanup()