Package org.opensaml.profile.logic

Class PredicateAccessControl

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

org.opensaml.profile.logic.PredicateAccessControl

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.IdentifiableComponent, net.shibboleth.utilities.java.support.component.IdentifiedComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, net.shibboleth.utilities.java.support.security.AccessControl

public class PredicateAccessControl
extends net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent
implements net.shibboleth.utilities.java.support.security.AccessControl

Access control implementation based on a predicate over a ProfileRequestContext.

To bridge the two designs, this adapter populates an AccessControlContext placed beneath the ProfileRequestContext to carry the operation and resource parameters and allow access to them from the Predicate.

Since:

3.3.0

Field Summary

Fields

Modifier and Type	Field	Description
private org.slf4j.Logger	log	Class logger.
private Predicate<ProfileRequestContext>	predicate	The predicate to use.

Constructor Summary

Constructors

Constructor	Description
PredicateAccessControl(Predicate<ProfileRequestContext> condition)	Constructor.

Method Summary

Modifier and Type	Method	Description
boolean	checkAccess(javax.servlet.ServletRequest request, String operation, String resource)
private String	getLogPrefix()	Get logging prefix.

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

doInitialize, getId

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent

getId

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

predicate

@Nonnull
private final Predicate<ProfileRequestContext> predicate

The predicate to use.

Constructor Detail

PredicateAccessControl

public PredicateAccessControl(@Nonnull @ParameterName(name="condition")
                              Predicate<ProfileRequestContext> condition)

Constructor.

Parameters:

condition - the predicate to use

Method Detail

checkAccess

public boolean checkAccess(@Nonnull
                           javax.servlet.ServletRequest request,
                           @Nullable
                           String operation,
                           @Nullable
                           String resource)

Specified by:

checkAccess in interface net.shibboleth.utilities.java.support.security.AccessControl

getLogPrefix

@Nonnull
private String getLogPrefix()

Get logging prefix.

Returns:

prefix