Examples of AuthorizationManager

• com.bitmovers.maui.engine.AuthorizationManager
  This is used to match up license levels with allowed activities.
• com.ecyrd.jspwiki.auth.AuthorizationManager

  Manages all access control and authorization; determines what authenticated users are allowed to do.

  Privileges in JSPWiki are expressed as Java-standard {@link java.security.Permission}classes. There are two types of permissions:

  • {@link com.ecyrd.jspwiki.auth.permissions.WikiPermission} - privileges that applyto an entire wiki instance: e.g., editing user profiles, creating pages, creating groups
  • {@link com.ecyrd.jspwiki.auth.permissions.PagePermission} - privileges that applyto a single wiki page or range of pages: e.g., reading, editing, renaming

  Calling classes determine whether they are entitled to perform a particular action by constructing the appropriate permission first, then passing it and the current {@link com.ecyrd.jspwiki.WikiSession} to the{@link #checkPermission(WikiSession,Permission)} method. If the session'sSubject possesses the permission, the action is allowed.

  For WikiPermissions, the decision criteria is relatively simple: the caller either possesses the permission, as granted by the wiki security policy -- or not.

  For PagePermissions, the logic is exactly the same if the page being checked does not have an access control list. However, if the page does have an ACL, the authorization decision is made based the union of the permissions granted in the ACL and in the security policy. In other words, the user must be named in the ACL (or belong to a group or role that is named in the ACL) and be granted (at least) the same permission in the security policy. We do this to prevent a user from gaining more permissions than they already have, based on the security policy.

  See the {@link #checkPermission(WikiSession,Permission)} and{@link #hasRoleOrPrincipal(WikiSession,Principal)} methods for more informationon the authorization logic.

  @author Andrew Jaquith @since 2.3 @see AuthenticationManager
• com.google.enterprise.connector.spi.AuthorizationManager
  Authorization Manager. All calls related to authorizing particular users to see particular documents pass through this interface. @since 1.0
• com.vmware.vim25.mo.AuthorizationManager
  blecloud.org)
• de.iritgo.aktera.authorization.AuthorizationManager
  An AuthorizationManager is a service that is able to determine if the specified operation is allowed for the given user. How it determines this is entirely up to the implementation of the security manager. It is possible that a security manager implementation may "nest" other security managers - e.g. call other security managers and make sure that they all agree that the user has access to the given operation. @author Michael Nash
• es.ipsa.atril.sec.user.AuthorizationManager
• io.undertow.servlet.api.AuthorizationManager
  Authorization manager. The servlet implementation delegates all authorization checks to this interface. @author Stuart Douglas
• org.apache.isis.core.runtime.authorization.AuthorizationManager
  Authorises the user in the current session view and use members of an object.
• org.apache.wiki.auth.AuthorizationManager

  Manages all access control and authorization; determines what authenticated users are allowed to do.

  Privileges in JSPWiki are expressed as Java-standard {@link java.security.Permission}classes. There are two types of permissions:

  • {@link org.apache.wiki.auth.permissions.WikiPermission} - privileges that applyto an entire wiki instance: e.g., editing user profiles, creating pages, creating groups
  • {@link org.apache.wiki.auth.permissions.PagePermission} - privileges that applyto a single wiki page or range of pages: e.g., reading, editing, renaming

  Calling classes determine whether they are entitled to perform a particular action by constructing the appropriate permission first, then passing it and the current {@link org.apache.wiki.WikiSession} to the{@link #checkPermission(WikiSession,Permission)} method. If the session'sSubject possesses the permission, the action is allowed.

  For WikiPermissions, the decision criteria is relatively simple: the caller either possesses the permission, as granted by the wiki security policy -- or not.

  For PagePermissions, the logic is exactly the same if the page being checked does not have an access control list. However, if the page does have an ACL, the authorization decision is made based the union of the permissions granted in the ACL and in the security policy. In other words, the user must be named in the ACL (or belong to a group or role that is named in the ACL) and be granted (at least) the same permission in the security policy. We do this to prevent a user from gaining more permissions than they already have, based on the security policy.

  See the {@link #checkPermission(WikiSession,Permission)} and{@link #hasRoleOrPrincipal(WikiSession,Principal)} methods for more informationon the authorization logic.

  @since 2.3 @see AuthenticationManager
• org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager
  @author Daniel Meyer
• org.infinispan.security.AuthorizationManager
  The AuthorizationManager is a cache-scoped component which verifies that the {@link Subject}associated with the current {@link AccessControlContext} has the requested permissions. @author Tristan Tarrant @since 7.0
• org.jboss.security.AuthorizationManager
  Generalized Authorization Manager Interface.
  
  Replaces the legacy RealmMapping interface @see org.jboss.security.RealmMapping @author Anil Saldhana @since Jan 2, 2006 @version $Revision: 68778 $
• org.sonatype.security.authorization.AuthorizationManager
  A DAO for Roles and Privileges comming from a given source. @author Brian Demers
• org.uberfire.security.authz.AuthorizationManager
• org.wso2.carbon.user.api.AuthorizationManager
• org.wso2.carbon.user.core.AuthorizationManager

Examples of org.apache.isis.core.runtime.authorization.AuthorizationManager

     */
    protected final IsisSessionFactory createSessionFactory(final DeploymentType deploymentType, final UserProfileLoader userProfileLoader, final PersistenceSessionFactory persistenceSessionFactory) throws IsisSystemException {

        final IsisConfiguration configuration = getConfiguration();
        final AuthenticationManager authenticationManager = obtainAuthenticationManager(deploymentType);
        final AuthorizationManager authorizationManager = obtainAuthorizationManager(deploymentType);
        final TemplateImageLoader templateImageLoader = obtainTemplateImageLoader();
        final OidMarshaller oidMarshaller = obtainOidMarshaller();

        final Collection<MetaModelRefiner> metaModelRefiners = refiners(authenticationManager, authorizationManager, templateImageLoader, persistenceSessionFactory);
        final SpecificationLoaderSpi reflector = obtainSpecificationLoaderSpi(deploymentType, persistenceSessionFactory, metaModelRefiners);

Examples of org.apache.isis.core.runtime.authorization.AuthorizationManager

     */
    protected final IsisSessionFactory createSessionFactory(final DeploymentType deploymentType, final UserProfileLoader userProfileLoader, final PersistenceSessionFactory persistenceSessionFactory) throws IsisSystemException {

        final IsisConfiguration configuration = getConfiguration();
        final AuthenticationManager authenticationManager = obtainAuthenticationManager(deploymentType);
        final AuthorizationManager authorizationManager = obtainAuthorizationManager(deploymentType);
        final TemplateImageLoader templateImageLoader = obtainTemplateImageLoader();
        final OidMarshaller oidMarshaller = obtainOidMarshaller();

        final Collection<MetaModelRefiner> metaModelRefiners = refiners(authenticationManager, authorizationManager, templateImageLoader, persistenceSessionFactory);
        final SpecificationLoaderSpi reflector = obtainSpecificationLoaderSpi(deploymentType, persistenceSessionFactory, metaModelRefiners);

Examples of org.apache.isis.core.runtime.authorization.AuthorizationManager

            final DeploymentType deploymentType,
            final PersistenceSessionFactory persistenceSessionFactory) throws IsisSystemException {

        final IsisConfiguration configuration = getConfiguration();
        final AuthenticationManager authenticationManager = obtainAuthenticationManager(deploymentType);
        final AuthorizationManager authorizationManager = obtainAuthorizationManager(deploymentType);
        final OidMarshaller oidMarshaller = obtainOidMarshaller();

        final Collection<MetaModelRefiner> metaModelRefiners = refiners(authenticationManager, authorizationManager, persistenceSessionFactory);
        final SpecificationLoaderSpi reflector = obtainSpecificationLoaderSpi(deploymentType, metaModelRefiners);

Examples of org.apache.wiki.auth.AuthorizationManager

     */
    private boolean checkPermission( String permission )
    {
        WikiSession session        = m_wikiContext.getWikiSession();
        WikiPage    page           = m_wikiContext.getPage();
        AuthorizationManager mgr   = m_wikiContext.getEngine().getAuthorizationManager();
        boolean gotPermission     = false;

        if ( CREATE_GROUPS.equals( permission ) || CREATE_PAGES.equals( permission )
            || EDIT_PREFERENCES.equals( permission ) || EDIT_PROFILE.equals( permission )
            || LOGIN.equals( permission ) )
        {
            gotPermission = mgr.checkPermission( session, new WikiPermission( page.getWiki(), permission ) );
        }
        else if ( VIEW_GROUP.equals( permission )
            || EDIT_GROUP.equals( permission )
            || DELETE_GROUP.equals( permission ) )
        {
            Command command = m_wikiContext.getCommand();
            gotPermission = false;
            if ( command instanceof GroupCommand && command.getTarget() != null )
            {
                GroupPrincipal group = (GroupPrincipal)command.getTarget();
                String groupName = group.getName();
                String action = "view";
                if( EDIT_GROUP.equals( permission ) )
                {
                    action = "edit";
                }
                else if ( DELETE_GROUP.equals( permission ) )
                {
                    action = "delete";
                }
                gotPermission = mgr.checkPermission( session, new GroupPermission( groupName, action ) );
            }
        }
        else if ( ALL_PERMISSION.equals( permission ) )
        {
            gotPermission = mgr.checkPermission( session, new AllPermission( m_wikiContext.getEngine().getApplicationName() ) );
        }
        else if ( page != null )
        {
            //
            //  Edit tag also checks that we're not trying to edit an
            //  old version: they cannot be edited.
            //
            if( EDIT.equals(permission) )
            {
                WikiPage latest = m_wikiContext.getEngine().getPage( page.getName() );
                if( page.getVersion() != WikiProvider.LATEST_VERSION &&
                    latest.getVersion() != page.getVersion() )
                {
                    return false;
                }
            }

            Permission p = PermissionFactory.getPagePermission( page, permission );
            gotPermission = mgr.checkPermission( session,
                                                  p );
        }

        return gotPermission;
    }

Examples of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager

  protected void saveDefaultAuthorizations(final AuthorizationEntity[] authorizations) {
    if(authorizations != null) {
      Context.getCommandContext().runWithoutAuthentication(new Runnable() {
        public void run() {
          AuthorizationManager authorizationManager = Context.getCommandContext()
              .getAuthorizationManager();
          for (AuthorizationEntity authorization : authorizations) {
            authorizationManager.insert(authorization);
          }
        }
      });
    }
  }

Examples of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager

    ensureNotNull("Authorization 'resourceType' cannot be null.", "authorization.getResource()", authorization.getResource());
  }

  public Authorization execute(CommandContext commandContext) {

    final AuthorizationManager authorizationManager = commandContext.getAuthorizationManager();

    if(authorization.getId() == null) {
      authorizationManager.insert(authorization);

    } else {
      authorizationManager.update(authorization);

    }

    return authorization;
  }

Examples of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager

    this.authorizationId = authorizationId;
  }

  public Void execute(CommandContext commandContext) {

    final AuthorizationManager authorizationManager = commandContext.getAuthorizationManager();

    AuthorizationEntity authorization = (AuthorizationEntity) new AuthorizationQueryImpl(commandContext)
      .authorizationId(authorizationId)
      .singleResult();

    ensureNotNull("Authorization for Id '" + authorizationId + "' does not exist", "authorization", authorization);

    authorizationManager.delete(authorization);

    return null;
  }

Examples of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager

    this.resource = resource;
    this.resourceId = resourceId;
  }

  public Boolean execute(CommandContext commandContext) {
    final AuthorizationManager authorizationManager = commandContext.getAuthorizationManager();
    return authorizationManager.isAuthorized(userId, groupIds, permission, resource, resourceId);
  }

Examples of org.infinispan.security.AuthorizationManager

      }
      return result;
   }

   private void ensureAccessPermissions(final AdvancedCache<?, ?> cache) {
      AuthorizationManager authorizationManager = SecurityActions.getCacheAuthorizationManager(cache);
      if (authorizationManager != null) {
         authorizationManager.checkPermission(AuthorizationPermission.EXEC);
      }
   }

Examples of org.infinispan.security.AuthorizationManager

   protected Reducer<KOut, VOut> clone(Reducer<KOut, VOut> reducer){
      return Util.cloneWithMarshaller(marshaller, reducer);
   }

   private void ensureAccessPermissions(final AdvancedCache<?, ?> cache) {
      AuthorizationManager authorizationManager = SecurityActions.getCacheAuthorizationManager(cache);
      if (authorizationManager != null) {
         authorizationManager.checkPermission(AuthorizationPermission.EXEC);
      }
   }