AdventNet Web NMS 4 API Specification: Interface AuthorizationEngine

Overview

Package

Class

Tree

Deprecated

Index

Help

AdventNet Web NMS 4 API Specification

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.adventnet.security.authorization
Interface AuthorizationEngine

All Superinterfaces:: java.rmi.Remote

public interface AuthorizationEngine
extends java.rmi.Remote

This is the interface which provides the framework for Authorization. It will be required to implement this interface for providing Authorization (access control).
Authorization mechanism uses an Access Control policy, where a user(connecting to NMS server) belonging to a particular group has a view defined(also called authorized view) that specifies the operations he is allowed to perform. Also, the client(UI) wishing to provide customized views for each user/group can associate a namedView to the set of authorizedViews. The set APIs provided can be classified as :

The APIs that are used to verify if a particular user is authorized for the specified set of operations/authorizedViewNames. This returns a boolean value specifying the result of authorization.

The APIs used to retrieve a set of authorized operations/authorizedViews for a particular user. The authorized set of views/operations are returned as an Object.

The examples below show how the AuthorizationEngine can be accessed through RMI or from the same JVM.

 
 // Accessing AuthorizationEngine via RMI
 try 
 {
     AuthorizationEngine authEngine = (AuthorizationEngine) Naming. lookup ("//[NMSServer]/NmsAuthEngineAPI");
     System.out.println ( "Successfully got the handle for AuthorizationEngine");
 }
 catch (Exception remoteException) 
 {
     System.out.println ( "Error in getting the handle for AuthorizationEngine"); 
 }
 boolean result = authEngine.isAuthorized( "userName" , "operationName" );


  
 // Accessing AuthorizationEngine from the same JVM
 AuthorizationEngine authEngine = (AuthorizationEngine) NmsUtil.getAPI ("NmsAuthEngineAPI");
 boolean result = authEngine.isAuthorized( "userName" , "operationName" );


 
 
 // Accessing AuthorizationEngine via RMIAccessAPI in the NMS RMI secure mode
 try 
 { 
     RMIAccessAPI rmiApi = (RMIAccessAPI) Naming.lookup ("//[NMSServer]/RMIAccessAPI");
     AuthorizationEngine authEngine = (AuthorizationEngine) rmiApi.getAPI ( "userName" , "passWord" , "NmsAuthEngineAPI" );
     boolean result = authEngine.isAuthorized( "userName" , "operationName" );
 }
 catch (Exception remoteException) 
 {
     System.out.println ( "Error in getting the handle for AuthorizationEngine"); 
 }

Since:: 2.3

Method Summary

java.util.Vector getAllGroupNames(java.lang.String userName)
          Gets a list of group names to which the user belongs.

java.util.Vector getAuthorizedOperations(java.lang.String userName, java.lang.String namedViewName)
          Retrieves a list of authorized operations for a user with the specified list of namedView.

java.util.Vector getAuthorizedOperations(java.lang.String userName, java.util.Vector namedViewNameList)
          Retrieves a list of authorized operations for a user with the specified list of namedView.

java.util.Hashtable getAuthorizedViewAndNamedView(java.lang.String userName)
          Gets all the AuthorizedViewNames and NamedViewNames for a given user.

java.util.Vector getAuthorizedViewNames(java.lang.String userName)
          Gets a list of AuthorizedViewNames for a given user.

java.util.Vector getAuthorizedViewNames(java.lang.String userName, java.lang.String namedView)
          Gets a list of authorizedView names for a given user name and namedView.

java.util.Vector getAuthorizedViewObjects(java.lang.String userName)
          Gets a list of AuthorizedViewObjects for a given user.

java.util.Vector getAuthorizedViewObjectsForView(java.lang.String AuthorizedViewName)
          Gets a list of AuthorizedViewObjects for a given AuthorizedViewName.

java.util.Vector getOperationsForUser(java.lang.String userName)
          This method is used to get a List of operations authorized for this specified user name.

void init(java.lang.Object obj)
          This Method is used for initialization, if any.

boolean isAuthorized(java.lang.String userName, java.lang.String operationName)
          Performs access verification for a particular user who wants to perform a set of operations.

boolean isAuthorized(java.lang.String userName, java.lang.String operationName, boolean isAuditNeeded)


boolean isAuthorized(java.lang.String userName, java.lang.String operationName, java.util.Properties viewProperties)
          Performs access verification for a particular user, who wants to perform a particular operation, on an object with the specified properties.

boolean isAuthorized(java.lang.String userName, java.lang.String operationName, java.util.Properties viewProperties, java.lang.String namedViewName)
          Performs access verification for a particular user,who wants to perform a particular operation,on an object with the specified properties.If the user is Authorized, then the namedViewName is associated with all AuthorizedViewNames (common for UserName,Operation, and Properties) in NamedViewToAuthorizedViewTable.

boolean isAuthorized(java.lang.String userName, java.lang.String operationName, java.lang.String namedViewName)
          Performs access verification for a particular user who wants to perform a particular operation, having the specified namedViewName.If the user is Authorized, then the namedViewName is associated with all AuthorizedViewNames (common for UserName and Operation) in NamedViewToAuthorizedViewTable.

boolean isAuthorized(java.lang.String userName, java.util.Vector operationNameList, java.util.Properties viewProperties)
          Performs access verification for a particular user who wants to perform a set of operations, on an object with the specified properties.

boolean isAuthorized(java.lang.String userName, java.util.Vector operation, java.lang.String namedViewName)
          Performs access verification for a particular user who wants to perform a set of operations, having the specified namedViewName.

boolean isPropertyPresent(java.lang.String groupName, java.util.Properties viewProperties)
          Checks whether the given properties are subset of the properties for a group name or not.

Method Detail

init

public void init(java.lang.Object obj)
          throws java.rmi.RemoteException,
                 AuthorizationException

This Method is used for initialization, if any.

Parameters:: obj - Object used for initialization
Throws:: java.rmi.RemoteException - In case of RMI.; AuthorizationException - In case of any exception.

isAuthorized

public boolean isAuthorized(java.lang.String userName,
                            java.lang.String operationName,
                            java.util.Properties viewProperties)
                     throws java.rmi.RemoteException,
                            AuthorizationException

Performs access verification for a particular user, who wants to perform a particular operation, on an object with the specified properties.

Parameters:: userName - The name of the user who is performing the operation.; operationName - The name of the operation that the user performs.; viewProperties - The set of properties(propertyName, propertyValue pair) of the object on which the operation is to be performed.
Returns:: true, if the operation for the specified user and specified properties are authorized. Otherwise returns false.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

isAuthorized

public boolean isAuthorized(java.lang.String userName,
                            java.lang.String operationName,
                            java.util.Properties viewProperties,
                            java.lang.String namedViewName)
                     throws java.rmi.RemoteException,
                            AuthorizationException

Performs access verification for a particular user,who wants to perform a particular operation,on an object with the specified properties.If the user is Authorized, then the namedViewName is associated with all AuthorizedViewNames (common for UserName,Operation, and Properties) in NamedViewToAuthorizedViewTable.

Parameters:: userName - :The name of the user who is performing the operation.; operationName - :The name of the operation that the user performs.; viewProperties - :The set of properties(propertyName, propertyValue pair) of the object on which the operation is to be performed.; namedViewName - :The name of the namedView for which the operation is to be authorized.
Returns:: true, if the operation for the specified user and specified properties is authorized. Otherwise returns false.
Throws:: java.rmi.RemoteException - :In case of RMI.; AuthorizationException - :If there is any exception during access verifications.

isAuthorized

public boolean isAuthorized(java.lang.String userName,
                            java.lang.String operationName)
                     throws java.rmi.RemoteException,
                            AuthorizationException

Performs access verification for a particular user who wants to perform a set of operations.

Parameters:: userName - The name of the user who is performing the operation.; operationName - The name of the operation that the user wishes to perform specified as a string.
Returns:: true, if the operation for the specified user is authorized. Otherwise returns false.
Throws:: AuthorizationException - if there is any error during database operation.; java.rmi.RemoteException - In case of RMI

isAuthorized

public boolean isAuthorized(java.lang.String userName,
                            java.lang.String operationName,
                            boolean isAuditNeeded)
                     throws java.rmi.RemoteException,
                            AuthorizationException

isAuthorized

public boolean isAuthorized(java.lang.String userName,
                            java.util.Vector operationNameList,
                            java.util.Properties viewProperties)
                     throws java.rmi.RemoteException,
                            AuthorizationException

Performs access verification for a particular user who wants to perform a set of operations, on an object with the specified properties.

Parameters:: userName - The name of the user who is performing the operation.; operationNameList - The list of operations that the user wishes to perform.; viewProperties - The set of properties(propertyName, propertyValue pair) of the object on which the operation is to be performed.
Returns:: true provided all the operations specified in the list for the specified user and specified properties are authorized. Otherwise returns false.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

isAuthorized

public boolean isAuthorized(java.lang.String userName,
                            java.lang.String operationName,
                            java.lang.String namedViewName)
                     throws java.rmi.RemoteException,
                            AuthorizationException

Performs access verification for a particular user who wants to perform a particular operation, having the specified namedViewName.If the user is Authorized, then the namedViewName is associated with all AuthorizedViewNames (common for UserName and Operation) in NamedViewToAuthorizedViewTable.

Parameters:: userName - The name of the user who is performing the operation.; operationName - The name of the operation that the user performs.; namedViewName - The name of the namedView for which the operation is to be authorized.
Returns:: true, if the operation for the specified user and specified namedView is authorized. Otherwise returns false.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

isAuthorized

public boolean isAuthorized(java.lang.String userName,
                            java.util.Vector operation,
                            java.lang.String namedViewName)
                     throws java.rmi.RemoteException,
                            AuthorizationException

Performs access verification for a particular user who wants to perform a set of operations, having the specified namedViewName.

Parameters:: userName - The name of the user who is performing the operation.; operation - The list of the operation that the user wishes to perform specified as a vector.; namedViewName - The name of the namedView for which the operationList is to be authorized.
Returns:: true provided all the operations specified in the list for the specified user and specified namedViews are authorized.Otherwise returns false.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

getAuthorizedOperations

public java.util.Vector getAuthorizedOperations(java.lang.String userName,
                                                java.lang.String namedViewName)
                                         throws java.rmi.RemoteException,
                                                AuthorizationException

Retrieves a list of authorized operations for a user with the specified list of namedView.

Parameters:: userName - The name of the user for which the authorized operations are required.; namedViewName - A Vector of namedView names for which the authorized operations are required.
Returns:: A Vector which contains the list of authorized operations names.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

getAuthorizedOperations

public java.util.Vector getAuthorizedOperations(java.lang.String userName,
                                                java.util.Vector namedViewNameList)
                                         throws java.rmi.RemoteException,
                                                AuthorizationException

Retrieves a list of authorized operations for a user with the specified list of namedView.

Parameters:: userName - The name of the user for which the authorized operations are required.; namedViewNameList - A Vector of namedView names for which the authorized operations are required.
Returns:: A Vector which contains the list of authorized operations names.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

getOperationsForUser

public java.util.Vector getOperationsForUser(java.lang.String userName)
                                      throws java.rmi.RemoteException,
                                             AuthorizationException

This method is used to get a List of operations authorized for this specified user name.

Parameters:: userName - the name of the user for which the operations list is to be retrieved.
Returns:: A Vector which contains a list of operations authorized for the specified user name.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

getAuthorizedViewNames

public java.util.Vector getAuthorizedViewNames(java.lang.String userName,
                                               java.lang.String namedView)
                                        throws java.rmi.RemoteException,
                                               AuthorizationException

Gets a list of authorizedView names for a given user name and namedView.

Parameters:: userName - The name of the user for which the authorizedViews are required.; namedView - The namedView for which the list of authorizedView names are required.
Returns:: A Vector which contains a list of authorizedViewNames for the specified user and namedView.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

getAuthorizedViewNames

public java.util.Vector getAuthorizedViewNames(java.lang.String userName)
                                        throws java.rmi.RemoteException,
                                               AuthorizationException

Gets a list of AuthorizedViewNames for a given user.

Parameters:: userName - the name of the user for which the AuthorizedViewName is required.
Returns:: A Vector that consists of AuthorizedViewNames for the user.
Throws:: AuthorizationException - if there is any exception during access verifications; java.rmi.RemoteException - In case of RMI

getAuthorizedViewAndNamedView

public java.util.Hashtable getAuthorizedViewAndNamedView(java.lang.String userName)
                                                  throws java.rmi.RemoteException,
                                                         AuthorizationException

Gets all the AuthorizedViewNames and NamedViewNames for a given user.

Parameters:: userName - the name of the user for which the AuthorizedViewName and NamedViewName are required.
Returns:: A Hashtable that consists of AuthorizedViewName as the key and a Vector of NamedViewName as element.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

getAuthorizedViewObjects

public java.util.Vector getAuthorizedViewObjects(java.lang.String userName)
                                          throws java.rmi.RemoteException,
                                                 AuthorizationException

Gets a list of AuthorizedViewObjects for a given user.

Parameters:: userName - the name of the user for which the AuthorizedViewObject is required.
Returns:: A Vector that consists of AuthorizedViewObjects.
Throws:: AuthorizationException - If there is any exception during access verifications.; java.rmi.RemoteException - In case of RMI.

getAllGroupNames

public java.util.Vector getAllGroupNames(java.lang.String userName)
                                  throws java.rmi.RemoteException,
                                         AuthorizationException

Gets a list of group names to which the user belongs.

Parameters:: userName - The name of the user for which the group names are required.
Returns:: A Vector which contains the list of group names.
Throws:: AuthorizationException - If there is any exception or error during database operation.; java.rmi.RemoteException - In case of RMI.

isPropertyPresent

public boolean isPropertyPresent(java.lang.String groupName,
                                 java.util.Properties viewProperties)
                          throws java.rmi.RemoteException,
                                 AuthorizationException

Checks whether the given properties are subset of the properties for a group name or not.

Parameters:: groupName - the name of the group for which the properties are checked.; viewProperties - the set of properties(propertyname,propertyvalue) to be checked with the properties from the database.
Returns:: true if the the given properties are subset of the properties for the groupName,Otherwise false.
Throws:: AuthorizationException - If there is any exception related to database operation.; java.rmi.RemoteException - In case of RMI.

getAuthorizedViewObjectsForView

public java.util.Vector getAuthorizedViewObjectsForView(java.lang.String AuthorizedViewName)
                                                 throws java.rmi.RemoteException,
                                                        AuthorizationException

Gets a list of AuthorizedViewObjects for a given AuthorizedViewName.

Parameters:: AuthorizedViewName - The AuthorizedViewName for which the list of AuthorizedViewObjects are required.
Returns:: A Vector which contains a list of AuthorizedViewObjects for the specified AuthorizedViewName.
Throws:: AuthorizationException - If there is any exception or error during database operation.; java.rmi.RemoteException - In case of RMI.

Overview

Package

Class

Tree

Deprecated

Index

Help

AdventNet Web NMS 4 API Specification

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Method Summary
`java.util.Vector`	`getAllGroupNames(java.lang.String userName)` Gets a list of group names to which the user belongs.
`java.util.Vector`	`getAuthorizedOperations(java.lang.String userName, java.lang.String namedViewName)` Retrieves a list of authorized operations for a user with the specified list of namedView.
`java.util.Vector`	`getAuthorizedOperations(java.lang.String userName, java.util.Vector namedViewNameList)` Retrieves a list of authorized operations for a user with the specified list of namedView.
`java.util.Hashtable`	`getAuthorizedViewAndNamedView(java.lang.String userName)` Gets all the AuthorizedViewNames and NamedViewNames for a given user.
`java.util.Vector`	`getAuthorizedViewNames(java.lang.String userName)` Gets a list of AuthorizedViewNames for a given user.
`java.util.Vector`	`getAuthorizedViewNames(java.lang.String userName, java.lang.String namedView)` Gets a list of authorizedView names for a given user name and namedView.
`java.util.Vector`	`getAuthorizedViewObjects(java.lang.String userName)` Gets a list of AuthorizedViewObjects for a given user.
`java.util.Vector`	`getAuthorizedViewObjectsForView(java.lang.String AuthorizedViewName)` Gets a list of AuthorizedViewObjects for a given AuthorizedViewName.
`java.util.Vector`	`getOperationsForUser(java.lang.String userName)` This method is used to get a List of operations authorized for this specified user name.
`void`	`init(java.lang.Object obj)` This Method is used for initialization, if any.
`boolean`	`isAuthorized(java.lang.String userName, java.lang.String operationName)` Performs access verification for a particular user who wants to perform a set of operations.
`boolean`	`isAuthorized(java.lang.String userName, java.lang.String operationName, boolean isAuditNeeded)`
`boolean`	`isAuthorized(java.lang.String userName, java.lang.String operationName, java.util.Properties viewProperties)` Performs access verification for a particular user, who wants to perform a particular operation, on an object with the specified properties.
`boolean`	`isAuthorized(java.lang.String userName, java.lang.String operationName, java.util.Properties viewProperties, java.lang.String namedViewName)` Performs access verification for a particular user,who wants to perform a particular operation,on an object with the specified properties.If the user is Authorized, then the namedViewName is associated with all AuthorizedViewNames (common for UserName,Operation, and Properties) in NamedViewToAuthorizedViewTable.
`boolean`	`isAuthorized(java.lang.String userName, java.lang.String operationName, java.lang.String namedViewName)` Performs access verification for a particular user who wants to perform a particular operation, having the specified namedViewName.If the user is Authorized, then the namedViewName is associated with all AuthorizedViewNames (common for UserName and Operation) in NamedViewToAuthorizedViewTable.
`boolean`	`isAuthorized(java.lang.String userName, java.util.Vector operationNameList, java.util.Properties viewProperties)` Performs access verification for a particular user who wants to perform a set of operations, on an object with the specified properties.
`boolean`	`isAuthorized(java.lang.String userName, java.util.Vector operation, java.lang.String namedViewName)` Performs access verification for a particular user who wants to perform a set of operations, having the specified namedViewName.
`boolean`	`isPropertyPresent(java.lang.String groupName, java.util.Properties viewProperties)` Checks whether the given properties are subset of the properties for a group name or not.

com.adventnet.security.authorization Interface AuthorizationEngine

init

isAuthorized

isAuthorized

isAuthorized

isAuthorized

isAuthorized

isAuthorized

isAuthorized

getAuthorizedOperations

getAuthorizedOperations

getOperationsForUser

getAuthorizedViewNames

getAuthorizedViewNames

getAuthorizedViewAndNamedView

getAuthorizedViewObjects

getAllGroupNames

isPropertyPresent

getAuthorizedViewObjectsForView

com.adventnet.security.authorization
Interface AuthorizationEngine