org.dcache.xrootd.plugins

Interface AuthorizationHandler

All Known Implementing Classes:

NoAuthorizationHandler

public interface AuthorizationHandler

The interface to authorization and path mapping plugins.

Method Summary

Methods

Modifier and Type	Method and Description
String	authorize(Subject subject, InetSocketAddress localAddress, InetSocketAddress remoteAddress, String path, Map<String,String> opaque, int request, XrootdProtocol.FilePerm mode) Authorization and path mapping hook.

Method Detail

authorize

String authorize(Subject subject,
               InetSocketAddress localAddress,
               InetSocketAddress remoteAddress,
               String path,
               Map<String,String> opaque,
               int request,
               XrootdProtocol.FilePerm mode)
                 throws SecurityException,
                        GeneralSecurityException

Authorization and path mapping hook. Called upon any xrootd door operation. Implementations may perform authorization checks for the requested operation.

Parameters:

subject - the user

localAddress - local socket address of client connection

remoteAddress - remote socket address of client connection

path - the file which is checked

opaque - the opaque data from the request

request - xrootd request id of the operation

mode - the requested mode

Throws:

AccessControlException - when the requested access is denied

GeneralSecurityException - when the process of authorizing fails

SecurityException