1 /*
2 * Copyright 2000-2004 Sun Microsystems, Inc. All Rights Reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Sun designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Sun in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
22 * CA 95054 USA or visit www.sun.com if you need additional information or
23 * have any questions.
24 */
25
26 package javax.security.sasl;
27
28 import javax.security.auth.callback.Callback;
29
30 /**
31 * This callback is used by <tt>SaslServer</tt> to determine whether
32 * one entity (identified by an authenticated authentication id)
33 * can act on
34 * behalf of another entity (identified by an authorization id).
35 *
36 * @since 1.5
37 *
38 * @author Rosanna Lee
39 * @author Rob Weltman
40 */
41 public class AuthorizeCallback implements Callback, java.io.Serializable {
42 /**
43 * The (authenticated) authentication id to check.
44 * @serial
45 */
46 private String authenticationID;
47
48 /**
49 * The authorization id to check.
50 * @serial
51 */
52 private String authorizationID;
53
54 /**
55 * The id of the authorized entity. If null, the id of
56 * the authorized entity is authorizationID.
57 * @serial
58 */
59 private String authorizedID;
60
61 /**
62 * A flag indicating whether the authentication id is allowed to
63 * act on behalf of the authorization id.
64 * @serial
65 */
66 private boolean authorized;
67
68 /**
69 * Constructs an instance of <tt>AuthorizeCallback</tt>.
70 *
71 * @param authnID The (authenticated) authentication id.
72 * @param authzID The authorization id.
73 */
74 public AuthorizeCallback(String authnID, String authzID) {
75 authenticationID = authnID;
76 authorizationID = authzID;
77 }
78
79 /**
80 * Returns the authentication id to check.
81 * @return The authentication id to check.
82 */
83 public String getAuthenticationID() {
84 return authenticationID;
85 }
86
87 /**
88 * Returns the authorization id to check.
89 * @return The authentication id to check.
90 */
91 public String getAuthorizationID() {
92 return authorizationID;
93 }
94
95 /**
96 * Determines whether the authentication id is allowed to
97 * act on behalf of the authorization id.
98 *
99 * @return <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise
100 * @see #setAuthorized(boolean)
101 * @see #getAuthorizedID()
102 */
103 public boolean isAuthorized() {
104 return authorized;
105 }
106
107 /**
108 * Sets whether the authorization is allowed.
109 * @param ok <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise
110 * @see #isAuthorized
111 * @see #setAuthorizedID(java.lang.String)
112 */
113 public void setAuthorized(boolean ok) {
114 authorized = ok;
115 }
116
117 /**
118 * Returns the id of the authorized user.
119 * @return The id of the authorized user. <tt>null</tt> means the
120 * authorization failed.
121 * @see #setAuthorized(boolean)
122 * @see #setAuthorizedID(java.lang.String)
123 */
124 public String getAuthorizedID() {
125 if (!authorized) {
126 return null;
127 }
128 return (authorizedID == null) ? authorizationID : authorizedID;
129 }
130
131 /**
132 * Sets the id of the authorized entity. Called by handler only when the id
133 * is different from getAuthorizationID(). For example, the id
134 * might need to be canonicalized for the environment in which it
135 * will be used.
136 * @param id The id of the authorized user.
137 * @see #setAuthorized(boolean)
138 * @see #getAuthorizedID
139 */
140 public void setAuthorizedID(String id) {
141 authorizedID = id;
142 }
143
144 private static final long serialVersionUID = -2353344186490470805L;
145 }
Save This Page