public abstract class Authorizer
extends java.lang.Object
An example Authorizer implementation might check that a user has alread been authorized and their Principal details are available from the client information, or it might check that the correct password has been provided in an application property in the request message.
Constructor and Description |
---|
Authorizer(javax.servlet.ServletConfig servletConfig)
Constructs an Authorizer.
|
Modifier and Type | Method and Description |
---|---|
abstract boolean |
allowBucketListingRequest(GatekeeperMessage requestMessage,
ClientInformation clientInformation)
Authorizes a bucket listing operation for a client as represented by a the gatekeeper
request message.
|
abstract boolean |
allowSignatureRequest(GatekeeperMessage requestMessage,
ClientInformation clientInformation,
SignatureRequest signatureRequest)
Authorizes an operation represented by a signature request by returning true, or
disallows the operation by returned false (and optionally setting a decline reason
in the signature request).
|
public Authorizer(javax.servlet.ServletConfig servletConfig) throws javax.servlet.ServletException
servletConfig
- javax.servlet.ServletException
public abstract boolean allowSignatureRequest(GatekeeperMessage requestMessage, ClientInformation clientInformation, SignatureRequest signatureRequest)
Authorization decisions can be made based on any of the inputs provided to this method.
requestMessage
- the Gatekeeper request message.clientInformation
- information about the client end-point this request was received from.signatureRequest
- a signature request to allow or disallow.public abstract boolean allowBucketListingRequest(GatekeeperMessage requestMessage, ClientInformation clientInformation)
Authorization decisions can be made based on any of the inputs provided to this method.
requestMessage
- the Gatekeeper request message.clientInformation
- information about the client end-point this request was received from.