org.dcache.xrootd.plugins

Interface AuthorizationHandler

All Known Implementing Classes:

NoAuthorizationHandler

public interface AuthorizationHandler

The interface to authorization and path mapping plugins.

Method Summary

Modifier and Type	Method and Description
String	authorize(Subject subject, InetSocketAddress localAddress, InetSocketAddress remoteAddress, String path, Map<String,String> opaque, int request, XrootdProtocol.FilePerm mode) Authorization and path mapping hook.

Method Detail

authorize

String authorize(Subject subject,
                 InetSocketAddress localAddress,
                 InetSocketAddress remoteAddress,
                 String path,
                 Map<String,String> opaque,
                 int request,
                 XrootdProtocol.FilePerm mode)
          throws XrootdException,
                 SecurityException,
                 GeneralSecurityException

Authorization and path mapping hook. Called upon any xrootd door operation. Implementations may perform authorization checks for the requested operation.

Parameters:

subject - the user

localAddress - local socket address of client connection

remoteAddress - remote socket address of client connection

path - the file which is checked

opaque - the opaque data from the request

request - xrootd request id of the operation

mode - the requested mode

Throws:

SecurityException - when the requested access is denied

GeneralSecurityException - when the process of authorizing fails

XrootdException - when some specific error should be propagated back to the xrootd client.