| Frames | No Frames |
1: /* AuthorizeCallback.java -- 2: Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package javax.security.sasl; 40: 41: import java.io.Serializable; 42: import javax.security.auth.callback.Callback; 43: 44: /** 45: * This callback is used by {@link SaslServer} to determine whether one entity 46: * (identified by an authenticated authentication ID) can act on behalf of 47: * another entity (identified by an authorization ID). 48: * 49: * @since 1.5 50: */ 51: public class AuthorizeCallback implements Callback, Serializable 52: { 53: // Constants and variables 54: // ------------------------------------------------------------------------- 55: 56: private static final long serialVersionUID = -2353344186490470805L; 57: 58: /** @serial The (authenticated) authentication id to check. */ 59: private String authenticationID = null; 60: 61: /** @serial The authorization id to check. */ 62: private String authorizationID = null; 63: 64: /** 65: * @serial The id of the authorized entity. If null, the id of the authorized 66: * entity is authorizationID. 67: */ 68: private String authorizedID = null; 69: 70: /** 71: * @serial A flag indicating whether the authentication id is allowed to act 72: * on behalf of the authorization id. 73: */ 74: private boolean authorized = false; 75: 76: // Constructor(s) 77: // ------------------------------------------------------------------------- 78: 79: /** 80: * Constructs an instance of <code>AuthorizeCallback</code>. 81: * 82: * @param authnID the (authenticated) authentication ID. 83: * @param authzID the authorization ID. 84: */ 85: public AuthorizeCallback(String authnID, String authzID) 86: { 87: super(); 88: 89: this.authenticationID = authnID; 90: this.authorizationID = authzID; 91: } 92: 93: // Class methods 94: // ------------------------------------------------------------------------- 95: 96: // Instance methods 97: // ------------------------------------------------------------------------- 98: 99: /** 100: * Returns the authentication ID to check. 101: * 102: * @return the authentication ID to check 103: */ 104: public String getAuthenticationID() 105: { 106: return authenticationID; 107: } 108: 109: /** 110: * Returns the authorization ID to check. 111: * 112: * @return the authorization ID to check. 113: */ 114: public String getAuthorizationID() 115: { 116: return authorizationID; 117: } 118: 119: /** 120: * Determines if the identity represented by authentication ID is allowed to 121: * act on behalf of the authorization ID. 122: * 123: * @return <code>true</code> if authorization is allowed; <code>false</code> 124: * otherwise. 125: * @see #setAuthorized(boolean) 126: * @see #getAuthorizedID() 127: */ 128: public boolean isAuthorized() 129: { 130: return authorized; 131: } 132: 133: /** 134: * Sets if authorization is allowed or not. 135: * 136: * @param authorized <code>true</code> if authorization is allowed; 137: * <code>false</code> otherwise. 138: * @see #isAuthorized() 139: * @see #setAuthorizedID(String) 140: */ 141: public void setAuthorized(boolean authorized) 142: { 143: this.authorized = authorized; 144: } 145: 146: /** 147: * Returns the ID of the authorized user. 148: * 149: * @return the ID of the authorized user. <code>null</code> means the 150: * authorization failed. 151: * @see #setAuthorized(boolean) 152: * @see #setAuthorizedID(String) 153: */ 154: public String getAuthorizedID() 155: { 156: if (!authorized) 157: { 158: return null; 159: } 160: return (authorizedID != null ? authorizedID : authorizationID); 161: } 162: 163: /** 164: * Sets the ID of the authorized entity. Called by handler only when the ID 165: * is different from {@link #getAuthorizationID()}. For example, the ID might 166: * need to be canonicalized for the environment in which it will be used. 167: * 168: * @see #setAuthorized(boolean) 169: * @see #getAuthorizedID() 170: */ 171: public void setAuthorizedID(String id) 172: { 173: this.authorizedID = id; 174: } 175: }