org.edg.security.mediumgrainedauthz
Class MedAuthzHandler
java.lang.Object
|
+--org.apache.axis.handlers.BasicHandler
|
+--org.edg.security.mediumgrainedauthz.MedAuthzHandler
- All Implemented Interfaces:
- org.apache.axis.Handler, java.io.Serializable
- public class MedAuthzHandler
- extends org.apache.axis.handlers.BasicHandler
The MedAuthzHandler is an AXIS handler that can be put in a request flow
in front of a SOAP endpoint that needs medium grained authorization. This
handler should be behind a SOAPOverHTTPAuthorizationHandler
because the role or authorized attribute is fetched from the
SecurityContext
set by
SOAPOverHTTPAuthorizationHandler
. The handler class then
decides based on the role attribute whether a SOAP method call is allowed
or not.
Role - methodname mappings are stored using java Properties files,
e.g.containing mappings like "admin = delete, add, remove".
- See Also:
- Serialized Form
Fields inherited from class org.apache.axis.handlers.BasicHandler |
log, makeLockable, name, options |
Method Summary |
protected java.lang.String |
getOptionValue(java.lang.String name,
java.lang.String defaultValue)
Convenience method to extract an option setting or provide
a default value if empty or non-existent. |
void |
init()
|
void |
invoke(org.apache.axis.MessageContext mc)
|
Methods inherited from class org.apache.axis.handlers.BasicHandler |
canHandleBlock, cleanup, generateWSDL, getDeploymentData, getName, getOption, getOptions, getUnderstoodHeaders, initHashtable, onFault, setName, setOption, setOptionDefault, setOptions, setOptionsLockable |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
theAuthorizedValue
public static final java.lang.String theAuthorizedValue
- See Also:
- Constant Field Values
theMedGrainedAuthzConfigParameter
public static final java.lang.String theMedGrainedAuthzConfigParameter
- See Also:
- Constant Field Values
logger
protected static org.apache.log4j.Logger logger
IsInitialized
protected boolean IsInitialized
MedAuthzHandler
public MedAuthzHandler()
getOptionValue
protected java.lang.String getOptionValue(java.lang.String name,
java.lang.String defaultValue)
- Convenience method to extract an option setting or provide
a default value if empty or non-existent.
init
public void init()
- Specified by:
init
in interface org.apache.axis.Handler
- Overrides:
init
in class org.apache.axis.handlers.BasicHandler
- See Also:
Handler.init()
invoke
public void invoke(org.apache.axis.MessageContext mc)
throws org.apache.axis.AxisFault
- Specified by:
invoke
in interface org.apache.axis.Handler
- Specified by:
invoke
in class org.apache.axis.handlers.BasicHandler
org.apache.axis.AxisFault
- See Also:
Handler.invoke(MessageContext)