Package org.jivesoftware.openfire.auth

Interface AuthorizationPolicy

All Known Implementing Classes:

DefaultAuthorizationPolicy, LdapAuthorizationPolicy

public interface AuthorizationPolicy

This is the interface the AuthorizationManager uses to conduct authorizations. Users that wish to integrate with their own authorization system must implement this interface, and are strongly encouraged to extend either the AbstractAuthoriationPolicy or the AbstractAuthorizationProvider classes which allow the admin console manage the classes more effectively. Register the class with Openfire in the openfire.xml file. An entry in that file would look like the following:

   <provider>
     <authorization>
       <classlist>com.foo.auth.CustomPolicyProvider</classlist>
     </authorization>
   </provider>

Author:

Jay Kline

Method Summary

Modifier and Type	Method	Description
boolean	authorize(String authzid, String authcid)	Returns true if the provided authentication identity (identity whose password will be used) is explicitly allowed to the provided authorization identity (identity to act as).
String	description()	Returns a description of the Policy
String	name()	Returns the short name of the Policy

Method Details

authorize

boolean authorize(String authzid,
 String authcid)

Returns true if the provided authentication identity (identity whose password will be used) is explicitly allowed to the provided authorization identity (identity to act as).

Parameters:

authzid - authorization identity (identity to act as).

authcid - authentication identity, or 'principal' (identity whose password will be used)

Returns:

true if the authzid is explicitly allowed to be used by the user authenticated with the authcid.

name

String name()

Returns the short name of the Policy

Returns:

The short name of the Policy

description

String description()

Returns a description of the Policy

Returns:

The description of the Policy.