Package org.dcache.xrootd.plugins.authz.scitokens

Class XrootdSciTokenAuthzHandler

java.lang.Object

org.dcache.xrootd.plugins.authz.scitokens.XrootdSciTokenAuthzHandler

All Implemented Interfaces:

AuthorizationHandler

public class XrootdSciTokenAuthzHandler
extends java.lang.Object
implements AuthorizationHandler

Field Summary

Fields

Modifier and Type	Field	Description
protected io.netty.channel.ChannelHandlerContext	ctx
protected static org.slf4j.Logger	LOGGER
protected boolean	strict
protected TokenValidator	validator

Constructor Summary

Constructors

Constructor	Description
XrootdSciTokenAuthzHandler(TokenValidator validator, boolean strict, io.netty.channel.ChannelHandlerContext ctx)

Method Summary

Modifier and Type	Method	Description
java.lang.String	authorize(javax.security.auth.Subject subject, java.net.InetSocketAddress localAddress, java.net.InetSocketAddress remoteAddress, java.lang.String path, java.util.Map<java.lang.String,java.lang.String> opaque, int request, XrootdProtocol.FilePerm mode)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOGGER

protected static final org.slf4j.Logger LOGGER

strict

protected final boolean strict

validator

protected final TokenValidator validator

ctx

protected final io.netty.channel.ChannelHandlerContext ctx

Constructor Detail

XrootdSciTokenAuthzHandler

public XrootdSciTokenAuthzHandler(TokenValidator validator,
                                  boolean strict,
                                  io.netty.channel.ChannelHandlerContext ctx)

Parameters:

validator - validates authorization from the serializable token. Note that this could involve a callout to other strategies, depending on implementation.

strict - whether to authorize in the absence of a token by falling back to a default.

ctx - of current call

Method Detail

authorize

public java.lang.String authorize(javax.security.auth.Subject subject,
                                  java.net.InetSocketAddress localAddress,
                                  java.net.InetSocketAddress remoteAddress,
                                  java.lang.String path,
                                  java.util.Map<java.lang.String,java.lang.String> opaque,
                                  int request,
                                  XrootdProtocol.FilePerm mode)
                           throws XrootdException,
                                  java.lang.SecurityException

Specified by:

authorize in interface AuthorizationHandler

Throws:

XrootdException

java.lang.SecurityException