public final class DelegatingConfigurableAuthorizer extends Object implements JmxAuthorizer
Authorizer
that delegates to another. Used for initial boot to allow
an instance of this class to be provided to the ModelController
but then have the
functional implementation swapped out when boot proceeds to the point where the user-configured
authorizer is available.Authorizer.AuthorizerDescription
Constructor and Description |
---|
DelegatingConfigurableAuthorizer() |
Modifier and Type | Method and Description |
---|---|
AuthorizationResult |
authorize(Caller caller,
Environment callEnvironment,
Action action,
TargetAttribute target)
Authorize a management operation affecting an individual attribute.
|
AuthorizationResult |
authorize(Caller caller,
Environment callEnvironment,
Action action,
TargetResource target)
Authorize a management operation affecting an entire resource.
|
AuthorizationResult |
authorizeJmxOperation(Caller caller,
Environment callEnvironment,
JmxAction action,
JmxTarget target)
Authorize a JMX operation.
|
Set<String> |
getCallerRoles(Caller caller,
Environment callEnvironment,
Set<String> runAsRoles)
Gets the set of roles the caller can run as taking into account any requested 'run as' roles.
|
Authorizer.AuthorizerDescription |
getDescription()
Gets a description of the characteristics of this authorizer
|
WritableAuthorizerConfiguration |
getWritableAuthorizerConfiguration() |
boolean |
isNonFacadeMBeansSensitive()
Gets whether JMX calls to non-facade mbeans (i.e.
|
void |
setDelegate(Authorizer delegate) |
void |
setNonFacadeMBeansSensitive(boolean sensitive)
Sets whether JMX calls to non-facade mbeans (i.e.
|
void |
shutdown() |
public WritableAuthorizerConfiguration getWritableAuthorizerConfiguration()
public void setDelegate(Authorizer delegate)
public Set<String> getCallerRoles(Caller caller, Environment callEnvironment, Set<String> runAsRoles)
Authorizer
getCallerRoles
in interface Authorizer
caller
- the caller. Cannot be null
callEnvironment
- the call environment. Cannot be null
runAsRoles
- any requested 'run as' roles. May be null
null
will be returned if the access control provider does not support role mapping.public Authorizer.AuthorizerDescription getDescription()
Authorizer
getDescription
in interface Authorizer
null
public AuthorizationResult authorize(Caller caller, Environment callEnvironment, Action action, TargetAttribute target)
Authorizer
authorize
in interface Authorizer
caller
- the caller. Cannot be null
callEnvironment
- the call environment. Cannot be null
action
- the action being authorized. Cannot be null
target
- the target of the action. Cannot be null
null
public AuthorizationResult authorize(Caller caller, Environment callEnvironment, Action action, TargetResource target)
Authorizer
authorize
in interface Authorizer
caller
- the caller. Cannot be null
callEnvironment
- the call environment. Cannot be null
action
- the action being authorized. Cannot be null
target
- the target of the action. Cannot be null
null
public AuthorizationResult authorizeJmxOperation(Caller caller, Environment callEnvironment, JmxAction action, JmxTarget target)
Authorizer
authorizeJmxOperation
in interface Authorizer
caller
- the caller. Cannot be null
callEnvironment
- the call environment. Cannot be null
action
- the action being authorized. Cannot be null
target
- the target of the action. Cannot be null
null
public void setNonFacadeMBeansSensitive(boolean sensitive)
JmxAuthorizer
Authorizer.authorizeJmxOperation(org.jboss.as.controller.access.Caller, org.jboss.as.controller.access.Environment,
org.jboss.as.controller.access.JmxAction, org.jboss.as.controller.access.JmxTarget)
) should be treated as 'sensitive'.setNonFacadeMBeansSensitive
in interface JmxAuthorizer
sensitive
- true
if non-facade mbean calls are sensitive; false
otherwisepublic void shutdown()
public boolean isNonFacadeMBeansSensitive()
JmxAuthorizer
Authorizer.authorizeJmxOperation(org.jboss.as.controller.access.Caller, org.jboss.as.controller.access.Environment,
org.jboss.as.controller.access.JmxAction, org.jboss.as.controller.access.JmxTarget)
) should be treated as 'sensitive'.isNonFacadeMBeansSensitive
in interface JmxAuthorizer
true
if non-facade mbean calls are sensitive; false
otherwiseCopyright © 2023 JBoss by Red Hat. All rights reserved.