AuthorizationManager (Wildfire 3.2.4 Javadoc)

Overview

Package

Class

Tree

Deprecated

Index

Help

Wildfire 3.2.4 Javadoc

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jivesoftware.wildfire.sasl
Class AuthorizationManager

java.lang.Object
  org.jivesoftware.wildfire.sasl.AuthorizationManager

public class AuthorizationManager
extends Object
extends Object

Manages the AuthorizationProvider objects.

Overall description of the authentication and authorization process:

After a client connects, and idicates a desire to use SASL, the SASLAuthentication object decides which SASL mechanisms to advertise, and then performs the authentication. If authentication is successful, the XMPPCallbackHandler is asked to handle() an AuthorizeCallback. The XMPPCallbackHandler asks the AuthorizationManager to authorize the principal to the requested username. The AuthorizationManager manages a list of AuthorizationProvider classes, and tries them one at a time and returns true with the first AuthorizationProvider that authorizes the principal to the username. If no classes authorize the principal, false is returned, which traces all the way back to give the client an unauthorized message. Its important to note that the message the client recieves will give no indication if the principal authentiated successfully, you will need to check the server logs for that information.

Author:: Jay Kline

Method Summary
`static boolean`	`authorize(String authorId, String authenId)` Authorize the authenticated used to the requested username.
`static Collection<AuthorizationProvider>`	`getAuthorizationProviders()` Returns the currently-installed AuthorizationProvider.
`static AuthorizationManager`	`getInstance()` Returns a singleton AuthorizationManager instance.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

getAuthorizationProviders

public static Collection<AuthorizationProvider> getAuthorizationProviders()

Returns the currently-installed AuthorizationProvider. Warning: You should not be calling the AuthorizationProvider directly to perform authorizations, it will not take into account the policy selected in the wildfire.xml. Use @see{authorize} in this class, instead.

Returns:: the current AuthorizationProvider.

getInstance

public static AuthorizationManager getInstance()

Returns a singleton AuthorizationManager instance.

Returns:: a AuthorizationManager instance.

authorize

public static boolean authorize(String authorId,
                                String authenId)

Authorize the authenticated used to the requested username. This uses the selected the selected AuthenticationProviders.

Returns:: true if the user is authorized.