Examples of AuthorizationManager

com.bitmovers.maui.engine.AuthorizationManager
This is used to match up license levels with allowed activities.
com.ecyrd.jspwiki.auth.AuthorizationManager
Manages all access control and authorization; determines what authenticated users are allowed to do.

Privileges in JSPWiki are expressed as Java-standard {@link java.security.Permission}classes. There are two types of permissions:
- {@link com.ecyrd.jspwiki.auth.permissions.WikiPermission} - privileges that applyto an entire wiki instance: e.g., editing user profiles, creating pages, creating groups
- {@link com.ecyrd.jspwiki.auth.permissions.PagePermission} - privileges that applyto a single wiki page or range of pages: e.g., reading, editing, renaming
Calling classes determine whether they are entitled to perform a particular action by constructing the appropriate permission first, then passing it and the current {@link com.ecyrd.jspwiki.WikiSession} to the{@link #checkPermission(WikiSession,Permission)} method. If the session'sSubject possesses the permission, the action is allowed.

For WikiPermissions, the decision criteria is relatively simple: the caller either possesses the permission, as granted by the wiki security policy -- or not.

For PagePermissions, the logic is exactly the same if the page being checked does not have an access control list. However, if the page does have an ACL, the authorization decision is made based the union of the permissions granted in the ACL and in the security policy. In other words, the user must be named in the ACL (or belong to a group or role that is named in the ACL) and be granted (at least) the same permission in the security policy. We do this to prevent a user from gaining more permissions than they already have, based on the security policy.

See the {@link #checkPermission(WikiSession,Permission)} and{@link #hasRoleOrPrincipal(WikiSession,Principal)} methods for more informationon the authorization logic.
@author Andrew Jaquith @since 2.3 @see AuthenticationManager
com.google.enterprise.connector.spi.AuthorizationManager
Authorization Manager. All calls related to authorizing particular users to see particular documents pass through this interface. @since 1.0
com.vmware.vim25.mo.AuthorizationManager
blecloud.org)
de.iritgo.aktera.authorization.AuthorizationManager
An AuthorizationManager is a service that is able to determine if the specified operation is allowed for the given user. How it determines this is entirely up to the implementation of the security manager. It is possible that a security manager implementation may "nest" other security managers - e.g. call other security managers and make sure that they all agree that the user has access to the given operation. @author Michael Nash
es.ipsa.atril.sec.user.AuthorizationManager
io.undertow.servlet.api.AuthorizationManager
Authorization manager. The servlet implementation delegates all authorization checks to this interface. @author Stuart Douglas
org.apache.isis.core.runtime.authorization.AuthorizationManager
Authorises the user in the current session view and use members of an object.
org.apache.wiki.auth.AuthorizationManager
Manages all access control and authorization; determines what authenticated users are allowed to do.

Privileges in JSPWiki are expressed as Java-standard {@link java.security.Permission}classes. There are two types of permissions:
- {@link org.apache.wiki.auth.permissions.WikiPermission} - privileges that applyto an entire wiki instance: e.g., editing user profiles, creating pages, creating groups
- {@link org.apache.wiki.auth.permissions.PagePermission} - privileges that applyto a single wiki page or range of pages: e.g., reading, editing, renaming
Calling classes determine whether they are entitled to perform a particular action by constructing the appropriate permission first, then passing it and the current {@link org.apache.wiki.WikiSession} to the{@link #checkPermission(WikiSession,Permission)} method. If the session'sSubject possesses the permission, the action is allowed.

For WikiPermissions, the decision criteria is relatively simple: the caller either possesses the permission, as granted by the wiki security policy -- or not.

For PagePermissions, the logic is exactly the same if the page being checked does not have an access control list. However, if the page does have an ACL, the authorization decision is made based the union of the permissions granted in the ACL and in the security policy. In other words, the user must be named in the ACL (or belong to a group or role that is named in the ACL) and be granted (at least) the same permission in the security policy. We do this to prevent a user from gaining more permissions than they already have, based on the security policy.

See the {@link #checkPermission(WikiSession,Permission)} and{@link #hasRoleOrPrincipal(WikiSession,Principal)} methods for more informationon the authorization logic.
@since 2.3 @see AuthenticationManager
org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager
@author Daniel Meyer
org.infinispan.security.AuthorizationManager
The AuthorizationManager is a cache-scoped component which verifies that the {@link Subject}associated with the current {@link AccessControlContext} has the requested permissions. @author Tristan Tarrant @since 7.0
org.jboss.security.AuthorizationManager
Generalized Authorization Manager Interface.

Replaces the legacy RealmMapping interface @see org.jboss.security.RealmMapping @author Anil Saldhana @since Jan 2, 2006 @version $Revision: 68778 $
org.sonatype.security.authorization.AuthorizationManager
A DAO for Roles and Privileges comming from a given source. @author Brian Demers
org.uberfire.security.authz.AuthorizationManager
org.wso2.carbon.user.api.AuthorizationManager
org.wso2.carbon.user.core.AuthorizationManager

Examples of org.wso2.carbon.user.core.AuthorizationManager

        try {
            userStoreManager1 = userRealm1.getUserStoreManager();
        } catch (UserStoreException e) {
            throw new RegistryException("Error in retrieving UserStoreManager.");
        }
        AuthorizationManager authorizationManager1;
        try {
            authorizationManager1 = userRealm1.getAuthorizationManager();
        } catch (UserStoreException e) {
            throw new RegistryException("Error in retrieving AuthorizationManager.");
        }


        // adding some users
        try {
            userStoreManager1.addUser("user1t0", "password", null, null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user1t0.");
        }
        try {
            userStoreManager1.addUser("user2t0", "password", null, null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user2t0.");
        }
        try {
            userStoreManager1.addUser("user3t0", "password", null, null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user3t0.");
        }


        // adding more users we are going to add roles with
        try {
            userStoreManager1.addUser("user4t0", "password", null, null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user4t0.");
        }
        try {
            userStoreManager1.addUser("user5t0", "password", null, null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user5t0.");
        }
        try {
            userStoreManager1.addUser("user6t0", "password", null, null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user6t0.");
        }


        // adding some roles
        try {
            userStoreManager1.addRole("role1t0", null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding role role1t0.");
        }
        try {
            userStoreManager1.addRole("role2t0", null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding role role2t0.");
        }
        try {
            userStoreManager1.addRole("role3t0", null, null);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding role role3t0.");
        }
//
//        // now assign authorizations to first set of users.
//        try {
//            authorizationManager1.authorizeUser("user1t0", "/test2", ActionConstants.PUT);
//        } catch (UserStoreException e) {
//            throw new RegistryException("Error in authorizing user1t0.");
//        }
//        try {
//            authorizationManager1.authorizeUser("user2t0", "/test2", ActionConstants.DELETE);
//        } catch (UserStoreException e) {
//            throw new RegistryException("Error in authorizing user2t0.");
//        }
//        try {
//            authorizationManager1.authorizeUser("user2t0", "/test2", "authorize");
//        } catch (UserStoreException e) {
//            throw new RegistryException("Error in authorizing user3t0.");
//        }


        // then assign roles to the second set of users.
        try {
            userStoreManager1.updateRoleListOfUser("user4t0", null, new String[]{"role1t0"});
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user4t0 to role1t0 role.");
        }
        try {
            userStoreManager1.updateRoleListOfUser("user5t0", null, new String[]{"role2t0"});
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user5t0 to role2t0 role.");
        }
        try {
            userStoreManager1.updateRoleListOfUser("user6t0", null, new String[]{"role3t0"});
        } catch (UserStoreException e) {
            throw new RegistryException("Error in adding user user6t0 to role3t0 role.");
        }


        // now giving authorizations to the role.
        try {
            authorizationManager1.authorizeRole("role1t0", "/test2", ActionConstants.PUT);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in authorizing role1t0.");
        }
        try {
            authorizationManager1.authorizeRole("role2t0", "/test2", ActionConstants.DELETE);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in authorizing role2t0.");
        }
        try {
            authorizationManager1.authorizeRole("role3t0", "/test2", "authorize");
        } catch (UserStoreException e) {
            throw new RegistryException("Error in authorizing role3t0.");
        }


        // secondly we will check the user store from tenant 1 and verify no overlaps with tenant 0 
        UserRegistry registry2 =
                embeddedRegistryService.getUserRegistry(realmConfig.getAdminUserName(), 1);


        UserRealm userRealm2 = registry2.getUserRealm();
        UserStoreManager userStoreManager2;
        try {
            userStoreManager2 = userRealm2.getUserStoreManager();
        } catch (UserStoreException e) {
            throw new RegistryException("Error in retrieving UserStoreManager.");
        }
        AuthorizationManager authorizationManager2;
        try {
            authorizationManager2 = userRealm2.getAuthorizationManager();
        } catch (UserStoreException e) {
            throw new RegistryException("Error in retrieving AuthorizationManager.");
        }


        String[] users;
        try {
            users = userStoreManager2.listUsers("*", 10);
        } catch (UserStoreException e) {
            throw new RegistryException("Error in retrieving UserStoreManager.");
        }
        // check the existence of the user
        assertFalse("UserStore for tenant1 should not have user1t0",
                Arrays.binarySearch(users, "user1t0") >= 0);
        assertFalse("UserStore for tenant1 should not have user2t0",
                Arrays.binarySearch(users, "user2t0") >= 0);
        assertFalse("UserStore for tenant1 should not have user3t0",
                Arrays.binarySearch(users, "user3t0") >= 0);
        assertFalse("UserStore for tenant1 should not have user4t0",
                Arrays.binarySearch(users, "user4t0") >= 0);
        assertFalse("UserStore for tenant1 should not have user5t0",
                Arrays.binarySearch(users, "user5t0") >= 0);
        assertFalse("UserStore for tenant1 should not have user6t0",
                Arrays.binarySearch(users, "user6t0") >= 0);


        // check the existence of the role
        assertFalse("UserStore for tenant1 should not have role1t0",
                Arrays.binarySearch(users, "role1t0") >= 0);
        assertFalse("UserStore for tenant1 should not have role2t0",
                Arrays.binarySearch(users, "role2t0") >= 0);
        assertFalse("UserStore for tenant1 should not have role3t0",
                Arrays.binarySearch(users, "role3t0") >= 0);


        // check the user authorizations
        assertFalse("UserStore for tenant1 should not have user1t0",
                Arrays.binarySearch(users, "user1t0") >= 0);
        assertFalse("UserStore for tenant1 should not have user2t0",
                Arrays.binarySearch(users, "user2t0") >= 0);
        assertFalse("UserStore for tenant1 should not have user3t0",
                Arrays.binarySearch(users, "user3t0") >= 0);


        // check the authorization of the users.
        try {
            assertFalse("UserStore for tenant1 should not have authorizations for user1t0",
                    authorizationManager2
                            .isUserAuthorized("user1t0", "/test2", ActionConstants.PUT));
            assertFalse("UserStore for tenant1 should not have authorizations for user2t0",
                    authorizationManager2
                            .isUserAuthorized("user2t0", "/test2", ActionConstants.DELETE));
            assertFalse("UserStore for tenant1 should not have authorizations for user3t0",
                    authorizationManager2.isUserAuthorized("user3t0", "/test2", "authorize"));
        } catch (UserStoreException e) {
            throw new RegistryException("Error in checking authorizations.");
        }


        // check the user is added to the role

View Full Code Here

Examples of org.wso2.carbon.user.core.AuthorizationManager

                String msg = "UI permissions of Admin is not allowed to change";
                log.error(msg);
                throw new UserAdminException(msg);
            }
            String[] optimizedList = UserCoreUtil.optimizePermissions(rawResources);
            AuthorizationManager authMan = realm.getAuthorizationManager();
            authMan.clearRoleActionOnAllResources(roleName, UserMgtConstants.EXECUTE_ACTION);
            for (String path : optimizedList) {
                authMan.authorizeRole(roleName, path, UserMgtConstants.EXECUTE_ACTION);
            }
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        }

View Full Code Here

Examples of org.wso2.carbon.user.core.AuthorizationManager

    public static void updateRoleUIPermission(String roleName, String[] rawPermissions)
            throws UserAdminException {
        try {
            String[] optimizedList = UserCoreUtil.optimizePermissions(rawPermissions);
            UserRealm realm = AdminServicesUtil.getUserRealm();
            AuthorizationManager authMan = realm.getAuthorizationManager();
            authMan.clearRoleActionOnAllResources(roleName, UserMgtConstants.EXECUTE_ACTION);
            for (String path : optimizedList) {
                authMan.authorizeRole(roleName, path, UserMgtConstants.EXECUTE_ACTION);
            }
        } catch (UserStoreException e) {
            // not logging already logged
            throw new UserAdminException(e.getMessage(), e);
        } catch (CarbonException e) {

View Full Code Here

Examples of org.wso2.carbon.user.core.AuthorizationManager


            // realm is taken from the registry rather than realm service to fix
            // chrooted issues
            UserRealm realm = registry.getUserRealm();
            String adminRole = realm.getRealmConfiguration().getAdminRoleName();
            AuthorizationManager authMan = realm.getAuthorizationManager();
            if (!authMan.isRoleAuthorized(adminRole, CarbonConstants.UI_PERMISSION_COLLECTION,
                    UserMgtConstants.EXECUTE_ACTION)) {
                authMan.authorizeRole(adminRole, CarbonConstants.UI_PERMISSION_COLLECTION,
                        UserMgtConstants.EXECUTE_ACTION);
            }
        } catch (Exception e) {
            log.error("While adding management permission :: " + e.getMessage(), e);
            throw new Exception("While adding management permission :: " + e.getMessage(), e);

View Full Code Here

Examples of org.wso2.carbon.user.core.AuthorizationManager

            String userName = userRegistry.getUserName();
            versionsBean.setLoggedIn(!RegistryConstants.ANONYMOUS_USER.equals(userName));


            ResourcePath resourcePath = new ResourcePath(path);
            try {
                AuthorizationManager authorizer = userRegistry.getUserRealm().getAuthorizationManager();
                boolean putAllowed = authorizer.
                        isUserAuthorized(userName, resourcePath.getPath(), ActionConstants.PUT);
                versionsBean.setPutAllowed(putAllowed);


            } catch (UserStoreException e) {

View Full Code Here

Examples of org.wso2.carbon.user.core.AuthorizationManager

    private static PermissionEntry[] getUserPermissions(UserRealm userRealm, String path)
            throws UserStoreException {


        Map <String, PermissionEntry> userPermissionMap = new HashMap <String, PermissionEntry>();


        AuthorizationManager authorizer = userRealm.getAuthorizationManager();


        RealmConfiguration realmConfig = userRealm.getRealmConfiguration();
        String systemUserName = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
        String adminUserName = realmConfig.getAdminUserName();
        String[] raUsers = authorizer.getExplicitlyAllowedUsersForResource(path, ActionConstants.GET);
        for (String raUser : raUsers) {
            if (raUser.equals(systemUserName) || raUser.equals(adminUserName)) {
                continue;
            }
            if (userPermissionMap.containsKey(raUser)) {
                PermissionEntry permission = userPermissionMap.get(raUser);
                permission.setReadAllow(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(raUser);
                permission.setReadAllow(true);
                userPermissionMap.put(raUser, permission);
            }
        }


        String[] rdUsers = authorizer.getExplicitlyDeniedUsersForResource(path, ActionConstants.GET);
        for (String rdUser : rdUsers) {
            if (rdUser.equals(systemUserName) || rdUser.equals(adminUserName)) {
                continue;
            }
            if (userPermissionMap.containsKey(rdUser)) {
                PermissionEntry permission = userPermissionMap.get(rdUser);
                permission.setReadDeny(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(rdUser);
                permission.setReadDeny(true);
                userPermissionMap.put(rdUser, permission);
            }
        }


        String[] waUsers = authorizer.getExplicitlyAllowedUsersForResource(path, ActionConstants.PUT);
        for (String waUser : waUsers) {
            if (waUser.equals(systemUserName) || waUser.equals(adminUserName)) {
                continue;
            }
            if (userPermissionMap.containsKey(waUser)) {
                PermissionEntry permission = userPermissionMap.get(waUser);
                permission.setWriteAllow(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(waUser);
                permission.setWriteAllow(true);
                userPermissionMap.put(waUser, permission);
            }
        }
        
        String[] wdUsers = authorizer.getExplicitlyDeniedUsersForResource(path, ActionConstants.PUT);
        for (String wdUser : wdUsers) {
            if (wdUser.equals(systemUserName) || wdUser.equals(adminUserName)) {
                continue;
            }
            if (userPermissionMap.containsKey(wdUser)) {
                PermissionEntry permission = userPermissionMap.get(wdUser);
                permission.setWriteDeny(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(wdUser);
                permission.setWriteDeny(true);
                userPermissionMap.put(wdUser, permission);
            }
        }


        String[] daUsers = authorizer.getExplicitlyAllowedUsersForResource(path, ActionConstants.DELETE);
        for (String daUser : daUsers) {
            if (daUser.equals(systemUserName) || daUser.equals(adminUserName)) {
                continue;
            }
            if (userPermissionMap.containsKey(daUser)) {
                PermissionEntry permission = userPermissionMap.get(daUser);
                permission.setDeleteAllow(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(daUser);
                permission.setDeleteAllow(true);
                userPermissionMap.put(daUser, permission);
            }
        }


        String[] ddUsers = authorizer.getExplicitlyDeniedUsersForResource(path, ActionConstants.DELETE);
        for (String ddUser : ddUsers) {
            if (ddUser.equals(systemUserName) || ddUser.equals(adminUserName)) {
                continue;
            }
            if (userPermissionMap.containsKey(ddUser)) {
                PermissionEntry permission = userPermissionMap.get(ddUser);
                permission.setDeleteDeny(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(ddUser);
                permission.setDeleteDeny(true);
                userPermissionMap.put(ddUser, permission);
            }
        }




        String[] aaUsers = authorizer.
                getExplicitlyAllowedUsersForResource(path, AccessControlConstants.AUTHORIZE);
        for (String aaUser : aaUsers) {
            if (aaUser.equals(systemUserName) || aaUser.equals(adminUserName)) {
                continue;
            }
            if (userPermissionMap.containsKey(aaUser)) {
                PermissionEntry permission = userPermissionMap.get(aaUser);
                permission.setAuthorizeAllow(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(aaUser);
                permission.setAuthorizeAllow(true);
                userPermissionMap.put(aaUser, permission);
            }
        }
        String[] adUsers = authorizer.
                getExplicitlyDeniedUsersForResource(path, AccessControlConstants.AUTHORIZE);
        for (String adUser : adUsers) {
            if (adUser.equals(systemUserName) || adUser.equals(adminUserName)) {
                continue;
            }

View Full Code Here

Examples of org.wso2.carbon.user.core.AuthorizationManager

    private static PermissionEntry[] getRolePermissions(UserRealm userRealm, String path)
            throws UserStoreException {


        Map <String, PermissionEntry> rolePermissionMap = new HashMap <String, PermissionEntry> ();


        AuthorizationManager authorizer = userRealm.getAuthorizationManager();
        RealmConfiguration realmConfig = userRealm.getRealmConfiguration();
        String adminRoleName = realmConfig.getAdminRoleName();


        String[] raRoles = authorizer.getAllowedRolesForResource(path, ActionConstants.GET);
        for (String raRole : raRoles) {
            if (raRole.equals(adminRoleName)) {
                continue;
            }
            if (rolePermissionMap.containsKey(raRole)) {
                PermissionEntry permission = rolePermissionMap.get(raRole);
                permission.setReadAllow(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(raRole);
                permission.setReadAllow(true);
                rolePermissionMap.put(raRole, permission);
            }
        }


        String[] rdRoles = authorizer.getDeniedRolesForResource(path, ActionConstants.GET);
        for (String rdRole : rdRoles) {
            if (rolePermissionMap.containsKey(rdRole)) {
                PermissionEntry permission = rolePermissionMap.get(rdRole);
                permission.setReadDeny(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(rdRole);
                permission.setReadDeny(true);
                rolePermissionMap.put(rdRole, permission);
            }
        }




        String[] waRoles = authorizer.getAllowedRolesForResource(path, ActionConstants.PUT);
        for (String waRole : waRoles) {
            if (waRole.equals(adminRoleName)) {
                continue;
            }
            if (rolePermissionMap.containsKey(waRole)) {
                PermissionEntry permission = rolePermissionMap.get(waRole);
                permission.setWriteAllow(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(waRole);
                permission.setWriteAllow(true);
                rolePermissionMap.put(waRole, permission);
            }
        }


        String[] wdRoles = authorizer.getDeniedRolesForResource(path, ActionConstants.PUT);
        for (String wdRole : wdRoles) {
            if (rolePermissionMap.containsKey(wdRole)) {
                PermissionEntry permission = rolePermissionMap.get(wdRole);
                permission.setWriteDeny(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(wdRole);
                permission.setWriteDeny(true);
                rolePermissionMap.put(wdRole, permission);
            }
        }
        
        String[] daRoles = authorizer.getAllowedRolesForResource(path, ActionConstants.DELETE);
        for (String daRole : daRoles) {
            if (daRole.equals(adminRoleName)) {
                continue;
            }
            if (rolePermissionMap.containsKey(daRole)) {
                PermissionEntry permission = rolePermissionMap.get(daRole);
                permission.setDeleteAllow(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(daRole);
                permission.setDeleteAllow(true);
                rolePermissionMap.put(daRole, permission);
            }
        }
        
        String[] ddRoles = authorizer.getDeniedRolesForResource(path, ActionConstants.DELETE);
        for (String ddRole : ddRoles) {
            if (rolePermissionMap.containsKey(ddRole)) {
                PermissionEntry permission = rolePermissionMap.get(ddRole);
                permission.setDeleteDeny(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(ddRole);
                permission.setDeleteDeny(true);
                rolePermissionMap.put(ddRole, permission);
            }
        }




        String[] aaRoles = authorizer.
                getAllowedRolesForResource(path, AccessControlConstants.AUTHORIZE);
        for (String aaRole : aaRoles) {
            if (aaRole.equals(adminRoleName)) {
                continue;
            }
            if (rolePermissionMap.containsKey(aaRole)) {
                PermissionEntry permission = rolePermissionMap.get(aaRole);
                permission.setAuthorizeAllow(true);
            } else {
                PermissionEntry permission = new PermissionEntry();
                permission.setUserName(aaRole);
                permission.setAuthorizeAllow(true);
                rolePermissionMap.put(aaRole, permission);
            }
        }
        
        String[] adRoles = authorizer.
                getDeniedRolesForResource(path, AccessControlConstants.AUTHORIZE);
        for (String adRole : adRoles) {
            if (rolePermissionMap.containsKey(adRole)) {
                PermissionEntry permission = rolePermissionMap.get(adRole);
                permission.setAuthorizeDeny(true);

View Full Code Here

Examples of org.wso2.carbon.user.core.AuthorizationManager

        try {
            UserRealm realm =
                              (UserRealm) TenantMgtCoreServiceComponent.getRealmService().
                                                                        getTenantUserRealm(tenantId);
            String adminRole = realm.getRealmConfiguration().getAdminRoleName();
            AuthorizationManager authMan = realm.getAuthorizationManager();
            // Authorize the admin role, if not authorized yet.
            if (!authMan.isRoleAuthorized(adminRole,
                                          CarbonConstants.UI_ADMIN_PERMISSION_COLLECTION,
                                          UserMgtConstants.EXECUTE_ACTION)) {
                authMan.authorizeRole(adminRole, CarbonConstants.UI_ADMIN_PERMISSION_COLLECTION,
                                      UserMgtConstants.EXECUTE_ACTION);
            }
        } catch (UserStoreException e) {
            String msg = "Error in authorizing the admin role.";
            log.error(msg, e);

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.