001 /*
002 * Copyright 2000-2004 Sun Microsystems, Inc. All Rights Reserved.
003 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004 *
005 * This code is free software; you can redistribute it and/or modify it
006 * under the terms of the GNU General Public License version 2 only, as
007 * published by the Free Software Foundation. Sun designates this
008 * particular file as subject to the "Classpath" exception as provided
009 * by Sun in the LICENSE file that accompanied this code.
010 *
011 * This code is distributed in the hope that it will be useful, but WITHOUT
012 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014 * version 2 for more details (a copy is included in the LICENSE file that
015 * accompanied this code).
016 *
017 * You should have received a copy of the GNU General Public License version
018 * 2 along with this work; if not, write to the Free Software Foundation,
019 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020 *
021 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022 * CA 95054 USA or visit www.sun.com if you need additional information or
023 * have any questions.
024 */
025
026 package javax.security.sasl;
027
028 import javax.security.auth.callback.Callback;
029
030 /**
031 * This callback is used by <tt>SaslServer</tt> to determine whether
032 * one entity (identified by an authenticated authentication id)
033 * can act on
034 * behalf of another entity (identified by an authorization id).
035 *
036 * @since 1.5
037 *
038 * @author Rosanna Lee
039 * @author Rob Weltman
040 */
041 public class AuthorizeCallback implements Callback,
042 java.io.Serializable {
043 /**
044 * The (authenticated) authentication id to check.
045 * @serial
046 */
047 private String authenticationID;
048
049 /**
050 * The authorization id to check.
051 * @serial
052 */
053 private String authorizationID;
054
055 /**
056 * The id of the authorized entity. If null, the id of
057 * the authorized entity is authorizationID.
058 * @serial
059 */
060 private String authorizedID;
061
062 /**
063 * A flag indicating whether the authentication id is allowed to
064 * act on behalf of the authorization id.
065 * @serial
066 */
067 private boolean authorized;
068
069 /**
070 * Constructs an instance of <tt>AuthorizeCallback</tt>.
071 *
072 * @param authnID The (authenticated) authentication id.
073 * @param authzID The authorization id.
074 */
075 public AuthorizeCallback(String authnID, String authzID) {
076 authenticationID = authnID;
077 authorizationID = authzID;
078 }
079
080 /**
081 * Returns the authentication id to check.
082 * @return The authentication id to check.
083 */
084 public String getAuthenticationID() {
085 return authenticationID;
086 }
087
088 /**
089 * Returns the authorization id to check.
090 * @return The authentication id to check.
091 */
092 public String getAuthorizationID() {
093 return authorizationID;
094 }
095
096 /**
097 * Determines whether the authentication id is allowed to
098 * act on behalf of the authorization id.
099 *
100 * @return <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise
101 * @see #setAuthorized(boolean)
102 * @see #getAuthorizedID()
103 */
104 public boolean isAuthorized() {
105 return authorized;
106 }
107
108 /**
109 * Sets whether the authorization is allowed.
110 * @param ok <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise
111 * @see #isAuthorized
112 * @see #setAuthorizedID(java.lang.String)
113 */
114 public void setAuthorized(boolean ok) {
115 authorized = ok;
116 }
117
118 /**
119 * Returns the id of the authorized user.
120 * @return The id of the authorized user. <tt>null</tt> means the
121 * authorization failed.
122 * @see #setAuthorized(boolean)
123 * @see #setAuthorizedID(java.lang.String)
124 */
125 public String getAuthorizedID() {
126 if (!authorized) {
127 return null;
128 }
129 return (authorizedID == null) ? authorizationID : authorizedID;
130 }
131
132 /**
133 * Sets the id of the authorized entity. Called by handler only when the id
134 * is different from getAuthorizationID(). For example, the id
135 * might need to be canonicalized for the environment in which it
136 * will be used.
137 * @param id The id of the authorized user.
138 * @see #setAuthorized(boolean)
139 * @see #getAuthorizedID
140 */
141 public void setAuthorizedID(String id) {
142 authorizedID = id;
143 }
144
145 private static final long serialVersionUID = -2353344186490470805L;
146 }
|