Package org.jivesoftware.openfire.auth
Class DefaultAuthorizationPolicy
- java.lang.Object
-
- org.jivesoftware.openfire.auth.DefaultAuthorizationPolicy
-
- All Implemented Interfaces:
AuthorizationPolicy
public class DefaultAuthorizationPolicy extends Object implements AuthorizationPolicy
Different clients perform authentication differently, so this policy will authorize any principal to a requested user that match specific conditions that are considered secure defaults for most installations. Keep in mind if a client does not request any username Java copies the authenticated ID to the requested username.- If the authenticated ID is in the form of a plain username, and the requested user is in the form of a plain username, then the two must be exactly the same.
- If the authenticated ID contains an '@', then the portion before the
'@' must match exactly the requested username and the portion after
the '@' must match at least one of the following:
- The XMPP domain of the server
- The SASL realm of the server
- Be in the list of acceptable realms
- If the requested username contains an '@' then the portion before the '@' will be considered the requested username only if the portion after the '@' matches the XMPP domain of the server or the portion after the '@' in the authenticated ID, if any.
- Author:
- Jay Kline
- See Also:
AuthorizationManager
-
-
Constructor Summary
Constructors Constructor Description DefaultAuthorizationPolicy()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
authorize(String username, String authenID)
Returns true if the principal is explicitly authorized to the JIDString
description()
Returns a description of the PolicyString
name()
Returns the short name of the Policy
-
-
-
Method Detail
-
authorize
public boolean authorize(String username, String authenID)
Returns true if the principal is explicitly authorized to the JID- Specified by:
authorize
in interfaceAuthorizationPolicy
- Parameters:
username
- The username requested.authenID
- The authenticated ID (principal) requesting the username.- Returns:
- true if the authenticated ID is authorized to the requested user.
-
name
public String name()
Returns the short name of the Policy- Specified by:
name
in interfaceAuthorizationPolicy
- Returns:
- The short name of the Policy
-
description
public String description()
Returns a description of the Policy- Specified by:
description
in interfaceAuthorizationPolicy
- Returns:
- The description of the Policy.
-
-