Package com.tangosol.net.security

Class AuditingAuthorizer

java.lang.Object
com.tangosol.net.security.AuditingAuthorizer
All Implemented Interfaces:
StorageAccessAuthorizer
public class AuditingAuthorizer extends Object implements StorageAccessAuthorizer
Simple StorageAccessAuthorizer implementation that logs the authorization requests and allows operations to proceed.
Author:
gg 2014.09.25

  • Constructor Details

    • AuditingAuthorizer

      public AuditingAuthorizer()
      Construct a non-strict AuditingAuthorizer. It will simply log the authorization request and allow the operation to proceed.

    • AuditingAuthorizer

      public AuditingAuthorizer(boolean fStrict)
      Construct an AuditingAuthorizer. It will simply log the authorization request and allow the operation to proceed based on the presence of the Subject.
      Parameters:
      fStrict - if true, a non-null Subject must be presented for the operation to proceed

  • Method Details

    • checkRead

      public void checkRead(BinaryEntry entry, Subject subject, int nReason)
      Description copied from interface: StorageAccessAuthorizer
      Check if the caller represented by the specified Subject is authorized to a read access for the specified entry.
      Specified by:
      checkRead in interface StorageAccessAuthorizer
      Parameters:
      entry - the entry
      subject - the Subject
      nReason - one of the REASON_* constants

    • checkWrite

      public void checkWrite(BinaryEntry entry, Subject subject, int nReason)
      Description copied from interface: StorageAccessAuthorizer
      Check if the caller represented by the specified Subject is authorized to a write access for the specified entry.
      Specified by:
      checkWrite in interface StorageAccessAuthorizer
      Parameters:
      entry - the entry
      subject - the Subject
      nReason - one of the REASON_* constants

    • checkReadAny

      public void checkReadAny(BackingMapContext context, Subject subject, int nReason)
      Description copied from interface: StorageAccessAuthorizer
      Check if the caller represented by the specified Subject is authorized to read any data.

      For example, this check would be performed to install a map listener (except for lite listeners)

      Specified by:
      checkReadAny in interface StorageAccessAuthorizer
      Parameters:
      context - the BackingMapContext
      subject - the Subject
      nReason - one of the REASON_* constants

    • checkWriteAny

      public void checkWriteAny(BackingMapContext context, Subject subject, int nReason)
      Description copied from interface: StorageAccessAuthorizer
      Check if the caller represented by the specified Subject is authorized to update any data.

      For example, this check would be performed to install a trigger.

      Specified by:
      checkWriteAny in interface StorageAccessAuthorizer
      Parameters:
      context - the BackingMapContext
      subject - the Subject
      nReason - one of the REASON_* constants

    • logEntryRequest

      protected void logEntryRequest(BinaryEntry entry, Subject subject, boolean fWrite, int nReason)
      Log the entry level authorization request.
      Parameters:
      entry - the entry to authorize access to
      subject - the Subject
      fWrite - true for write operation; read otherwise
      nReason - the reason for the check

    • logMapRequest

      protected void logMapRequest(BackingMapContext context, Subject subject, boolean fWrite, int nReason)
      Log the backing map level authorization request.
      Parameters:
      context - the context of the backing map to authorize access to
      subject - the Subject
      fWrite - true for write operation; read otherwise
      nReason - the reason for the check