public interface Authorizer
AuthenticationManagerconsults the configured Authorizer to determine which additional
Roleprincipals should be added to the user's WikiSession. To determine which roles should be injected, the Authorizer is queried for the roles it knows about by calling
getRoles(). Then, each role returned by the Authorizer is tested by calling
isUserInRole(WikiSession, Principal). If this check fails, and the Authorizer is of type WebAuthorizer, AuthenticationManager checks the role again by calling
WebAuthorizer.isUserInRole(javax.servlet.http.HttpServletRequest, Principal)). Any roles that pass the test are injected into the Subject by firing appropriate authentication events.
|Modifier and Type||Method and Description|
Looks up and returns a role Principal matching a given String.
Returns an array of role Principals this Authorizer knows about.
Initializes the authorizer.
Determines whether the Subject associated with a WikiSession is in a particular role.
null. Note that it may not always be feasible for an Authorizer implementation to return a role Principal.
role- the name of the role to retrieve
void initialize(WikiEngine engine, Properties props) throws WikiSecurityException
engine- the current wiki engine
props- the wiki engine initialization properties
WikiSecurityException- if the Authorizer could not be initialized
boolean isUserInRole(WikiSession session, Principal role)
null, this method must return
session- the current WikiSession
role- the role to check
trueif the user is considered to be in the role,
Copyright © 2001-2019 The Apache Software Foundation. All rights reserved.