AuthorizationManager (Core XMPP Server 4.6.0-SNAPSHOT API)

java.lang.Object
- org.jivesoftware.openfire.auth.AuthorizationManager

```
public class AuthorizationManager
extends Object
```
Manages the AuthorizationProvider objects.
Overall description of the authentication and authorization process:
After a client connects, and indicates a desire to use SASL, the SASLAuthentication object decides which SASL mechanisms to advertise, and then performs the authentication. If authentication is successful, the XMPPCallbackHandler is asked to handle() an AuthorizeCallback. The XMPPCallbackHandler asks the AuthorizationManager to authorize the principal to the requested username. The AuthorizationManager manages a list of AuthorizationProvider classes, and tries them one at a time and returns true with the first AuthorizationProvider that authorizes the principal to the username. If no classes authorize the principal, false is returned, which traces all the way back to give the client an unauthorized message. Its important to note that the message the client receives will give no indication if the principal authenticated successfully, you will need to check the server logs for that information.

Author:

Jay Kline

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method	Description
`static boolean`	`authorize(String username, String principal)`	Authorize the authenticated used to the requested username.
`static Collection<AuthorizationPolicy>`	`getAuthorizationPolicies()`	Returns the currently-installed AuthorizationProvider.
`static String`	`map(String principal)`	Map the authenticated principal to the default username.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - getAuthorizationPolicies
```
public static Collection<AuthorizationPolicy> getAuthorizationPolicies()
```
    Returns the currently-installed AuthorizationProvider. Warning: You should not be calling the AuthorizationProvider directly to perform authorizations, it will not take into account the policy selected in the openfire.xml. Use @see{authorize} in this class, instead.
    
    Returns:
    
    the current AuthorizationProvider.
  - authorize
```
public static boolean authorize(String username,
                                String principal)
```
    Authorize the authenticated used to the requested username. This uses the selected the selected AuthenticationProviders.
    
    Parameters:
    
    username - The requested username.
    
    principal - The authenticated principal.
    
    Returns:
    
    true if the user is authorized.
  - map
```
public static String map(String principal)
```
    Map the authenticated principal to the default username. If the authenticated principal did not supply a username, determine the default to use.
    
    Parameters:
    
    principal - The authentiated principal to determine the default username.
    
    Returns:
    
    The default username for the authentiated principal.