public interface AuthorizerConfiguration
Authorizer
implementations.
The results of changes to the access control configuration made via the WildFly management layer will be made available here.
Modifier and Type | Interface and Description |
---|---|
static interface |
AuthorizerConfiguration.MappingPrincipal
Encapsulates the notion of a principal used in
Caller to AuthorizerConfiguration.RoleMapping mapping. |
static class |
AuthorizerConfiguration.PrincipalType
Types of
AuthorizerConfiguration.MappingPrincipal s used in Caller to AuthorizerConfiguration.RoleMapping mapping. |
static interface |
AuthorizerConfiguration.RoleMapping
Encapsulates the notion of a role to which a caller can be mapped.
|
static class |
AuthorizerConfiguration.ScopedRole
Encapsulates configuration information for a scoped role.
|
static interface |
AuthorizerConfiguration.ScopedRoleListener
Listener for changes to the configured scoped roles.
|
Modifier and Type | Method and Description |
---|---|
Set<String> |
getAllRoles()
Gets the names of the all roles used by the authorizer, including both built-in roles and roles added via
end user configuration.
|
CombinationPolicy |
getPermissionCombinationPolicy()
Gets the policy for combining access control permissions when the configuration grants the user
more than one type of permission for a given action.
|
Map<String,AuthorizerConfiguration.RoleMapping> |
getRoleMappings()
Gets the configured role mappings, keyed by the name of the role.
|
Map<String,AuthorizerConfiguration.ScopedRole> |
getScopedRoles()
Gets the configured scoped roles, keyed by the name of the role.
|
Set<String> |
getStandardRoles()
Gets the names of the "standard" "built-in" roles used by the authorizer.
|
boolean |
hasRole(String roleName)
Gets whether the current
set of roles contains the given role, with the
check performed using a case-insensitive algorithm. |
boolean |
isMapUsingRealmRoles()
Gets whether role mapping should use roles obtained from the security realm and associated
with the
Caller . |
boolean |
isNonFacadeMBeansSensitive()
Gets whether JMX calls to non-facade mbeans (i.e.
|
boolean |
isRoleBased()
Gets whether the authorizer uses a role-based authorization mechanism.
|
void |
registerScopedRoleListener(AuthorizerConfiguration.ScopedRoleListener listener)
Register a listener for changes in the configured scoped roles.
|
void |
unregisterScopedRoleListener(AuthorizerConfiguration.ScopedRoleListener listener)
Unregister a listener for changes in the configured scoped roles.
|
CombinationPolicy getPermissionCombinationPolicy()
null
.boolean isRoleBased()
true
if a role-based mechanism is used; false
if notSet<String> getStandardRoles()
null
, but may be an empty set if roles are not used
or no built-in roles are used.Map<String,AuthorizerConfiguration.ScopedRole> getScopedRoles()
null
Set<String> getAllRoles()
null
, but may be an empty set if roles are not used
or no built-in roles are used and no end user configured roles exist.boolean hasRole(String roleName)
set of roles
contains the given role, with the
check performed using a case-insensitive algorithm.roleName
- the name of the roletrue
if the current role set includes an item that
equals ignoring case
the given roleName
Map<String,AuthorizerConfiguration.RoleMapping> getRoleMappings()
null
boolean isMapUsingRealmRoles()
Caller
.true
if roleboolean isNonFacadeMBeansSensitive()
Authorizer#authorizeJmxOperation(Caller, Environment, JmxAction)
) should be treated as 'sensitive'.true
if non-facade mbean calls are sensitive; false
otherwisevoid registerScopedRoleListener(AuthorizerConfiguration.ScopedRoleListener listener)
listener
- the listener. Cannot be null
void unregisterScopedRoleListener(AuthorizerConfiguration.ScopedRoleListener listener)
listener
- the listener. Cannot be null
Copyright © 2023 JBoss by Red Hat. All rights reserved.