Package org.dcache.xrootd.plugins

Interface AuthorizationHandler

All Known Implementing Classes:

NoAuthorizationHandler

public interface AuthorizationHandler

The interface to authorization and path mapping plugins.

Method Summary

Modifier and Type	Method	Description
java.lang.String	authorize(javax.security.auth.Subject subject, java.net.InetSocketAddress localAddress, java.net.InetSocketAddress remoteAddress, java.lang.String path, java.util.Map<java.lang.String,java.lang.String> opaque, int request, XrootdProtocol.FilePerm mode)	Authorization and path mapping hook.

Method Detail

authorize

java.lang.String authorize(javax.security.auth.Subject subject,
                           java.net.InetSocketAddress localAddress,
                           java.net.InetSocketAddress remoteAddress,
                           java.lang.String path,
                           java.util.Map<java.lang.String,java.lang.String> opaque,
                           int request,
                           XrootdProtocol.FilePerm mode)
                    throws XrootdException,
                           java.lang.SecurityException,
                           java.security.GeneralSecurityException

Authorization and path mapping hook. Called upon any xrootd door operation. Implementations may perform authorization checks for the requested operation.

Parameters:

subject - the user

localAddress - local socket address of client connection

remoteAddress - remote socket address of client connection

path - the file which is checked

opaque - the opaque data from the request

request - xrootd request id of the operation

mode - the requested mode

Throws:

java.lang.SecurityException - when the requested access is denied

java.security.GeneralSecurityException - when the process of authorizing fails

XrootdException - when some specific error should be propagated back to the xrootd client.