Interface Authorizer


  • public interface Authorizer
    This interface represents an environment-specific facility for authorizing callers to perform actions described by the corresponding permission objects. Such authorization executes before or in place of the Coherence specific JAAS based security checks (see AccessController). Moreover, if Coherence authorization is configured, it must use the Subject object returned by the authorize(javax.security.auth.Subject, com.tangosol.net.ClusterPermission) method to perform its own authorization.
    Since:
    Coherence 12.1.2
    Author:
    dag 2012.03.07
    • Method Detail

      • authorize

        Subject authorize​(Subject subject,
                          ClusterPermission permission)
        Authorize the caller to perform the action specified by the permission.
        Parameters:
        subject - the current caller's Subject if known (may be null)
        permission - the permission that represents the targets and the action to be performed against the targets
        Returns:
        the Subject representing the caller.
        Throws:
        SecurityException - if the caller's identity cannot established or they lack permission to execute the requested action