org.apache.ldap.server.authz
Class OldAuthorizationService

java.lang.Object
  extended by org.apache.ldap.server.interceptor.BaseInterceptor
      extended by org.apache.ldap.server.authz.OldAuthorizationService
All Implemented Interfaces:
Interceptor

public class OldAuthorizationService
extends BaseInterceptor

An Interceptor that controls access to DirectoryPartitionNexus. If a user tries to perform any operations that requires permission he or she doesn't have, NoPermissionException will be thrown and therefore the current invocation chain will terminate.

Version:
$Rev: 201550 $, $Date: 2005-06-23 23:08:31 -0400 (Thu, 23 Jun 2005) $
Author:
Apache Directory Project

Constructor Summary
OldAuthorizationService()
          Creates a new instance.
 
Method Summary
 void delete(NextInterceptor nextInterceptor, javax.naming.Name name)
          Filters DirectoryPartition.delete(Name) call.
 boolean hasEntry(NextInterceptor nextInterceptor, javax.naming.Name name)
          Note that we do nothing here.
 void init(DirectoryServiceConfiguration factoryCfg, InterceptorConfiguration cfg)
          This method does nothing by default.
 javax.naming.NamingEnumeration list(NextInterceptor nextInterceptor, javax.naming.Name base)
          Filters DirectoryPartition.list(Name) call.
 javax.naming.directory.Attributes lookup(NextInterceptor nextInterceptor, javax.naming.Name name)
          Filters DirectoryPartition.lookup(Name) call.
 javax.naming.directory.Attributes lookup(NextInterceptor nextInterceptor, javax.naming.Name name, java.lang.String[] attrIds)
          Filters DirectoryPartition.lookup(Name, String[]) call.
 void modify(NextInterceptor nextInterceptor, javax.naming.Name name, int modOp, javax.naming.directory.Attributes attrs)
          This policy needs to be really tight too because some attributes may take part in giving the user permissions to protected resources.
 void modify(NextInterceptor nextInterceptor, javax.naming.Name name, javax.naming.directory.ModificationItem[] items)
          This policy needs to be really tight too because some attributes may take part in giving the user permissions to protected resources.
 void modifyRn(NextInterceptor nextInterceptor, javax.naming.Name name, java.lang.String newRn, boolean deleteOldRn)
          Filters DirectoryPartition.modifyRn(Name, String, boolean) call.
 void move(NextInterceptor nextInterceptor, javax.naming.Name oriChildName, javax.naming.Name newParentName)
          Filters DirectoryPartition.move(Name, Name) call.
 void move(NextInterceptor nextInterceptor, javax.naming.Name oriChildName, javax.naming.Name newParentName, java.lang.String newRn, boolean deleteOldRn)
          Filters DirectoryPartition.move(Name, Name, String, boolean) call.
 javax.naming.NamingEnumeration search(NextInterceptor nextInterceptor, javax.naming.Name base, java.util.Map env, org.apache.ldap.common.filter.ExprNode filter, javax.naming.directory.SearchControls searchCtls)
          Filters DirectoryPartition.search(Name, Map, ExprNode, SearchControls) call.
 
Methods inherited from class org.apache.ldap.server.interceptor.BaseInterceptor
add, addContextPartition, compare, destroy, getContext, getMatchedName, getPrincipal, getRootDSE, getSuffix, isSuffix, listSuffixes, removeContextPartition
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

OldAuthorizationService

public OldAuthorizationService()
Creates a new instance.

Method Detail

init

public void init(DirectoryServiceConfiguration factoryCfg,
                 InterceptorConfiguration cfg)
          throws javax.naming.NamingException
Description copied from class: BaseInterceptor
This method does nothing by default.

Specified by:
init in interface Interceptor
Overrides:
init in class BaseInterceptor
Throws:
javax.naming.NamingException

delete

public void delete(NextInterceptor nextInterceptor,
                   javax.naming.Name name)
            throws javax.naming.NamingException
Description copied from interface: Interceptor
Filters DirectoryPartition.delete(Name) call.

Specified by:
delete in interface Interceptor
Overrides:
delete in class BaseInterceptor
Throws:
javax.naming.NamingException

hasEntry

public boolean hasEntry(NextInterceptor nextInterceptor,
                        javax.naming.Name name)
                 throws javax.naming.NamingException
Note that we do nothing here. First because this is not an externally exposed function via the JNDI interfaces. It is used internally by the provider for optimization purposes so there is no reason for us to start to constrain it.

Specified by:
hasEntry in interface Interceptor
Overrides:
hasEntry in class BaseInterceptor
Throws:
javax.naming.NamingException

modify

public void modify(NextInterceptor nextInterceptor,
                   javax.naming.Name name,
                   int modOp,
                   javax.naming.directory.Attributes attrs)
            throws javax.naming.NamingException
This policy needs to be really tight too because some attributes may take part in giving the user permissions to protected resources. We do not want users to self access these resources. As far as we're concerned no one but the admin needs access.

Specified by:
modify in interface Interceptor
Overrides:
modify in class BaseInterceptor
Throws:
javax.naming.NamingException

modify

public void modify(NextInterceptor nextInterceptor,
                   javax.naming.Name name,
                   javax.naming.directory.ModificationItem[] items)
            throws javax.naming.NamingException
This policy needs to be really tight too because some attributes may take part in giving the user permissions to protected resources. We do not want users to self access these resources. As far as we're concerned no one but the admin needs access.

Specified by:
modify in interface Interceptor
Overrides:
modify in class BaseInterceptor
Throws:
javax.naming.NamingException

modifyRn

public void modifyRn(NextInterceptor nextInterceptor,
                     javax.naming.Name name,
                     java.lang.String newRn,
                     boolean deleteOldRn)
              throws javax.naming.NamingException
Description copied from interface: Interceptor
Filters DirectoryPartition.modifyRn(Name, String, boolean) call.

Specified by:
modifyRn in interface Interceptor
Overrides:
modifyRn in class BaseInterceptor
Throws:
javax.naming.NamingException

move

public void move(NextInterceptor nextInterceptor,
                 javax.naming.Name oriChildName,
                 javax.naming.Name newParentName)
          throws javax.naming.NamingException
Description copied from interface: Interceptor
Filters DirectoryPartition.move(Name, Name) call.

Specified by:
move in interface Interceptor
Overrides:
move in class BaseInterceptor
Throws:
javax.naming.NamingException

move

public void move(NextInterceptor nextInterceptor,
                 javax.naming.Name oriChildName,
                 javax.naming.Name newParentName,
                 java.lang.String newRn,
                 boolean deleteOldRn)
          throws javax.naming.NamingException
Description copied from interface: Interceptor
Filters DirectoryPartition.move(Name, Name, String, boolean) call.

Specified by:
move in interface Interceptor
Overrides:
move in class BaseInterceptor
Throws:
javax.naming.NamingException

lookup

public javax.naming.directory.Attributes lookup(NextInterceptor nextInterceptor,
                                                javax.naming.Name name)
                                         throws javax.naming.NamingException
Description copied from interface: Interceptor
Filters DirectoryPartition.lookup(Name) call.

Specified by:
lookup in interface Interceptor
Overrides:
lookup in class BaseInterceptor
Throws:
javax.naming.NamingException

lookup

public javax.naming.directory.Attributes lookup(NextInterceptor nextInterceptor,
                                                javax.naming.Name name,
                                                java.lang.String[] attrIds)
                                         throws javax.naming.NamingException
Description copied from interface: Interceptor
Filters DirectoryPartition.lookup(Name, String[]) call.

Specified by:
lookup in interface Interceptor
Overrides:
lookup in class BaseInterceptor
Throws:
javax.naming.NamingException

search

public javax.naming.NamingEnumeration search(NextInterceptor nextInterceptor,
                                             javax.naming.Name base,
                                             java.util.Map env,
                                             org.apache.ldap.common.filter.ExprNode filter,
                                             javax.naming.directory.SearchControls searchCtls)
                                      throws javax.naming.NamingException
Description copied from interface: Interceptor
Filters DirectoryPartition.search(Name, Map, ExprNode, SearchControls) call.

Specified by:
search in interface Interceptor
Overrides:
search in class BaseInterceptor
Throws:
javax.naming.NamingException

list

public javax.naming.NamingEnumeration list(NextInterceptor nextInterceptor,
                                           javax.naming.Name base)
                                    throws javax.naming.NamingException
Description copied from interface: Interceptor
Filters DirectoryPartition.list(Name) call.

Specified by:
list in interface Interceptor
Overrides:
list in class BaseInterceptor
Throws:
javax.naming.NamingException


Copyright © 2002-2005 . All Rights Reserved.