All Known Subinterfaces:

GroupManager, WebAuthorizer

All Known Implementing Classes:

DefaultGroupManager, WebContainerAuthorizer
```
public interface Authorizer
```
Interface for service providers of authorization information. After a user successfully logs in, the AuthenticationManager consults the configured Authorizer to determine which additional Role principals should be added to the user's Session. To determine which roles should be injected, the Authorizer is queried for the roles it knows about by calling getRoles(). Then, each role returned by the Authorizer is tested by calling isUserInRole(Session, Principal). If this check fails, and the Authorizer is of type WebAuthorizer, AuthenticationManager checks the role again by calling WebAuthorizer.isUserInRole(javax.servlet.http.HttpServletRequest, Principal)). Any roles that pass the test are injected into the Subject by firing appropriate authentication events.

Since:

2.3

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`java.security.Principal`	`findRole(java.lang.String role)`	Looks up and returns a role Principal matching a given String.
`java.security.Principal[]`	`getRoles()`	Returns an array of role Principals this Authorizer knows about.
`void`	`initialize(Engine engine, java.util.Properties props)`	Initializes the authorizer.
`boolean`	`isUserInRole(Session session, java.security.Principal role)`	Determines whether the Subject associated with a WikiSession is in a particular role.

- Method Detail
  - getRoles
```
java.security.Principal[] getRoles()
```
    Returns an array of role Principals this Authorizer knows about. This method will always return an array; an implementing class may choose to return an zero-length array if it has no ability to identify the roles under its control.
    
    Returns:
    
    an array of Principals representing the roles
  - findRole
```
java.security.Principal findRole(java.lang.String role)
```
    Looks up and returns a role Principal matching a given String. If a matching role cannot be found, this method returns null. Note that it may not always be feasible for an Authorizer implementation to return a role Principal.
    
    Parameters:
    
    role - the name of the role to retrieve
    
    Returns:
    
    the role Principal
  - initialize
```
void initialize(Engine engine,
                java.util.Properties props)
         throws WikiSecurityException
```
    Initializes the authorizer.
    
    Parameters:
    
    engine - the current wiki engine
    
    props - the wiki engine initialization properties
    
    Throws:
    
    WikiSecurityException - if the Authorizer could not be initialized
  - isUserInRole
```
boolean isUserInRole(Session session,
                     java.security.Principal role)
```
    Determines whether the Subject associated with a WikiSession is in a particular role. This method takes two parameters: the WikiSession containing the subject and the desired role ( which may be a Role or a Group). If either parameter is null, this method must return false.
    
    Parameters:
    
    session - the current WikiSession
    
    role - the role to check
    
    Returns:
    
    true if the user is considered to be in the role, false otherwise

Interface Authorizer

Method Summary

Method Detail

getRoles

findRole

initialize

isUserInRole