AuthorityGranter xref

View Javadoc

1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.providers.jaas;
17  
18  import java.security.Principal;
19  
20  import java.util.Set;
21  
22  
23  /**
24   * The AuthorityGranter interface is used to map a given principal to role
25   * names.
26   *
27   * <P>
28   * If a Windows NT login module were to be used from JAAS, an AuthrityGranter
29   * implementation could be created to map a NT Group Principal to a ROLE_USER
30   * role for instance. <br>
31   * </p>
32   *
33   * @author Ray Krueger
34   * @version $Id: AuthorityGranter.java 1784 2007-02-24 21:00:24Z luke_t $
35   */
36  public interface AuthorityGranter {
37      //~ Methods ========================================================================================================
38  
39      /**
40       * The grant method is called for each principal returned from the LoginContext subject. If the
41       * AuthorityGranter wishes to grant any authorities, it should return a java.util.Set containing the role names it
42       * wishes to grant, such as ROLE_USER. If the AuthrityGranter does not wish to grant any authorities it should
43       * return null. <br>
44       * The set may contain any object as all objects in the returned set will be passed to the JaasGrantedAuthority
45       * constructor using toString().
46       *
47       * @param principal One of the principals from the LoginContext.getSubect().getPrincipals() method.
48       *
49       * @return A java.util.Set of role names to grant, or null meaning no roles should be granted for the principal.
50       */
51      Set grant(Principal principal);
52  }