Michael Wechner schrieb:
Andreas Hartmann schrieb:
I have done a dry-run, there are some conflicts but IMO they should be
easy to resolve (see below).
The access control API has changed a little,
what exactly has changed?
Here's a list of the API-relevant changes. Since 1.2 doesn't really
distinguish between API and implementation, I included the *Impl classes.
Index: Accreditable.java
===================================================================
public interface Accreditable {
+ String getName();
}
Index: Machine.java
===================================================================
-public class Machine implements Identifiable, Serializable {
+public class Machine implements Identifiable {
- public Accreditable[] getAccreditables() {
+ public Accreditable[] getAccreditables(AccreditableManager manager) {
- public IPRange[] getIPRanges() {
- return (IPRange[]) ipRanges.toArray(new IPRange[ipRanges.size()]);
+ public IPRange[] getIpRanges(AccreditableManager manager) {
}
Index: Authenticator.java
===================================================================
public interface Authenticator extends Component {
- boolean authenticate(AccreditableManager accreditableManager,
Request request)
- throws AccessControlException;
+ boolean authenticate(AccreditableManager accreditableManager,
Request request,
+ ErrorHandler handler) throws AccessControlException;
+ String getLoginUri(Request request);
+ String getTargetUri(Request request);
+ AttributeSet getAttributeSet();
}
Index: User.java
===================================================================
-public interface User extends Identifiable, Item, Groupable {
+public interface User extends Item, AttributeOwner {
- void setPassword(String plainTextPassword);
- void save() throws AccessControlException;
- void delete() throws AccessControlException;
- boolean authenticate(String password);
}
Index: impl/AbstractUser.java
===================================================================
-public abstract class AbstractUser extends AbstractGroupable implements
User {
+public abstract class AbstractUser extends AbstractGroupable implements
ManagedUser, Groupable {
+ public String[] getAttributeValues(String name) throws
AccessControlException {
+ public String[] getAttributeNames() {
+ public void setAttributeValues(String name, String[] values) throws
AccessControlException {
+ public Group[] getGroups() {
}
Index: impl/AbstractGroupable.java
===================================================================
public abstract class AbstractGroupable extends AbstractItem
implements Groupable, Accreditable {
- public Accreditable[] getAccreditables() {
}
Index: impl/DefaultPolicy.java
===================================================================
public class DefaultPolicy implements Policy {
+ public DefaultPolicy(AccreditableManager accrMgr) {
+ public Accreditable[] getAccreditables(Role role) {
}
Index: impl/TransientUser.java
===================================================================
+public class TransientUser implements User {
+ public TransientUser(String id) {
+ public String getId() {
+ public String[] getAttributeValues(String name) throws
AccessControlException {
+ public String[] getAttributeNames() {
+ public void setAttributeValues(String name, String[] values) throws
AccessControlException {
+ public String getEmail() {
+ public void setEmail(String email) {
+ public String getDescription() {
+ public String getName() {
+ public void setDescription(String description) {
+ public void setName(String name) {
+}
Index: impl/UserAuthenticator.java
===================================================================
-public class UserAuthenticator extends AbstractLogEnabled implements
Authenticator {
+public class UserAuthenticator extends AbstractLogEnabled implements
Authenticator, Serviceable {
- public boolean authenticate(AccreditableManager
accreditableManager, Request request)
- throws AccessControlException {
+ public boolean authenticate(AccreditableManager
accreditableManager, Request request,
+ ErrorHandler handler) throws AccessControlException {
+ public String getLoginUri(Request request) {
+ public void service(ServiceManager manager) throws ServiceException {
+ public String getTargetUri(Request request) {
+ public AttributeSet getAttributeSet() {
}
Index: impl/DefaultAccessController.java
===================================================================
public class DefaultAccessController extends AbstractLogEnabled
implements AccessController,
Configurable, Serviceable, Disposable, ItemManagerListener {
- public boolean authenticate(Request request) throws
AccessControlException {
+ public boolean authenticate(Request request, ErrorHandler handler)
- public boolean authorize(Request request) throws
AccessControlException {
+ public boolean authorize(Request request, ErrorHandler handler)
throws AccessControlException {
- public boolean ownsIdenity(Identity identity) throws
AccessControlException {
+ public String getAuthenticatorType() {
}
Index: impl/BypassableAccessController.java
===================================================================
- public boolean authorize(Request request) throws
AccessControlException {
+ public boolean authorize(Request request, ErrorHandler handler)
throws AccessControlException {
Index: impl/PolicyAuthorizer.java
===================================================================
public class PolicyAuthorizer extends AbstractLogEnabled implements
Authorizer {
- public boolean authorize(Request request) throws
AccessControlException {
+ public boolean authorize(Request request, ErrorHandler handler)
throws AccessControlException {
}
Index: impl/AbstractGroup.java
===================================================================
- public Accreditable[] getAccreditables() {
+ public boolean matches(AttributeOwner user) {
+ public void setRule(AttributeRule rule) {
+ public AttributeRule getRule() {
Index: impl/AbstractItem.java
===================================================================
public abstract class AbstractItem implements Item {
- public AbstractItem() {
+ public void setId(String string) {
+ public ItemManager getItemManager() {
+ public void setItemManager(ItemManager manager) {
}
Index: impl/URLPolicy.java
===================================================================
public class URLPolicy implements Policy {
+ public Accreditable[] getAccreditables(Role role) {
}
Index: impl/AnonymousAuthenticator.java
===================================================================
public class AnonymousAuthenticator extends AbstractLogEnabled
implements Authenticator {
- public boolean authenticate(AccreditableManager
accreditableManager, Request request)
- throws AccessControlException {
+ public boolean authenticate(AccreditableManager
accreditableManager, Request request,
+ ErrorHandler handler) throws AccessControlException {
+ public String getLoginUri(Request request) {
+ public String getTargetUri(Request request) {
+ public AttributeSet getAttributeSet() {
}
Index: impl/TransientUserReference.java
===================================================================
+public class TransientUserReference extends UserReference {
+ public TransientUserReference(TransientUser user) {
+ public Accreditable[] getAccreditables(AccreditableManager accrMgr) {
+ public boolean canGetUserFrom(AccreditableManager accrMgr) {
+ public User getUser(AccreditableManager accrMgr) {
+}
Index: impl/ValidationResult.java
===================================================================
+public class ValidationResult {
+ public ValidationResult(boolean succeeded) {
+ public ValidationResult(Message[] messages) {
+ public void addMessage(String message) {
+ public void addMessage(Message message) {
+ public Message[] getMessages() {
+ public boolean succeeded() {
+}
Index: Message.java
===================================================================
+public class Message implements Serializable {
+ public Message(String text) {
+ public Message(String text, String[] params) {
+ public String getText() {
+ public String[] getParameters() {
+}
Index: ItemManager.java
===================================================================
public interface ItemManager {
+ String getId();
+ AccreditableManager getAccreditableManager();
}
Index: Identity.java
===================================================================
public class Identity implements Identifiable, java.io.Serializable {
- public Accreditable[] getAccreditables() {
+ public Accreditable[] getAccreditables(AccreditableManager manager) {
- public boolean belongsTo(AccreditableManager manager) throws
AccessControlException {
- public User getUser() {
+ public UserReference getUserReference() {
}
Index: attr/AttributeSet.java
===================================================================
+public interface AttributeSet {
+ String ROLE = AttributeSet.class.getName();
+ String[] getAttributeNames();
+ Attribute getAttribute(String name);
+ String getName();
+}
Index: attr/antlr/AntlrEvaluator.java
===================================================================
+public class AntlrEvaluator extends AbstractLogEnabled implements
AttributeRuleEvaluator {
+ public AntlrEvaluator(Logger logger) {
+ public boolean isComplied(AttributeOwner user, String rule) {
+ public ValidationResult validate(String rule, AttributeSet attrs) {
+}
Index: attr/antlr/ParseException.java
===================================================================
+public class ParseException extends RuntimeException {
+ public ParseException() {
+ public ParseException(String arg0, Throwable arg1) {
+ public ParseException(String arg0) {
+ public ParseException(Throwable arg0) {
+}
Index: attr/antlr/AntlrEvaluatorFactory.java
===================================================================
+public class AntlrEvaluatorFactory extends AbstractLogEnabled
implements AttributeRuleEvaluatorFactory {
+ public AttributeRuleEvaluator getEvaluator() {
+}
Index: attr/impl/AttributeManagerImpl.java
===================================================================
+public class AttributeManagerImpl extends AbstractLogEnabled implements
Serviceable,
+ AttributeManager, Disposable, Initializable, ThreadSafe,
Component {
+ public void service(ServiceManager manager) throws ServiceException {
+ public synchronized AttributeSet getAttributeSet(String name) {
+ public AttributeRuleEvaluator getEvaluator() {
+ public void dispose() {
+ public void initialize() throws Exception {
+}
Index: attr/impl/AttributeSetImpl.java
===================================================================
+public class AttributeSetImpl extends AbstractLogEnabled implements
AttributeSet, Configurable {
+ public Attribute getAttribute(String name) {
+ public String[] getAttributeNames() {
+ public String getName() {
+}
Index: attr/impl/AttributeImpl.java
===================================================================
+public class AttributeImpl implements Attribute {
+ public AttributeImpl(String name, String alias, String description) {
+ public String getDescription() {
+ public String getName() {
+ public String getAlias() {
+}
Index: attr/impl/AttributeRuleImpl.java
===================================================================
+public class AttributeRuleImpl implements AttributeRule {
+ public AttributeRuleImpl(String rule, AttributeSet attrSet,
AttributeRuleEvaluator evaluator)
+ throws AccessControlException {
+ public AttributeSet getAttributeSet() {
+ public String getRule() {
+ public boolean matches(AttributeOwner owner) {
+ public String toString() {
+}
Index: attr/impl/EmptyAttributeSet.java
===================================================================
+public class EmptyAttributeSet implements AttributeSet {
+ public Attribute getAttribute(String name) {
+ public String[] getAttributeNames() {
+ public String getName() {
+}
Index: attr/jexl/JexlEvaluator.java
===================================================================
+public class JexlEvaluator extends AbstractLogEnabled implements
AttributeRuleEvaluator {
+ public JexlEvaluator(Logger logger) {
+ public boolean isComplied(AttributeOwner user, String rule) {
+ public ValidationResult validate(String rule, AttributeSet attrs) {
+}
Index: attr/jexl/JexlEvaluatorFactory.java
===================================================================
+public class JexlEvaluatorFactory extends AbstractLogEnabled implements
AttributeRuleEvaluatorFactory {
+ public AttributeRuleEvaluator getEvaluator() {
+}
Index: attr/Attribute.java
===================================================================
+public interface Attribute {
+ String getName();
+ String getAlias();
+ String getDescription();
+}
Index: attr/AttributeRuleEvaluatorFactory.java
===================================================================
+public interface AttributeRuleEvaluatorFactory {
+ String ROLE = AttributeRuleEvaluatorFactory.class.getName();
+ AttributeRuleEvaluator getEvaluator();
+}
Index: attr/AttributeRule.java
===================================================================
+public interface AttributeRule {
+ String getRule();
+ AttributeSet getAttributeSet();
+ boolean matches(AttributeOwner owner);
+}
Index: attr/AttributeManager.java
===================================================================
+public interface AttributeManager {
+ String ROLE = AttributeManager.class.getName();
+ AttributeRuleEvaluator getEvaluator();
+ AttributeSet getAttributeSet(String name);
+}
Index: attr/AttributeOwner.java
===================================================================
+public interface AttributeOwner {
+ String[] getAttributeNames();
+ String[] getAttributeValues(String name) throws AccessControlException;
+}
Index: attr/AttributeRuleEvaluator.java
===================================================================
+public interface AttributeRuleEvaluator {
+ public boolean isComplied(AttributeOwner user, String rule);
+ public ValidationResult validate(String rule, AttributeSet attributes);
+}
Index: Group.java
===================================================================
-public interface Group extends Identifiable, Item {
+public interface Group extends Accreditable, Item {
+ void setRule(AttributeRule rule);
+ AttributeRule getRule();
+ boolean matches(AttributeOwner user);
}
Index: Authorizer.java
===================================================================
public interface Authorizer extends Component {
- boolean authorize(Request request)
+ boolean authorize(Request request, ErrorHandler errorHandler)
}
Index: RoleManager.java
===================================================================
public interface RoleManager extends ItemManager {
+ boolean contains(String roleId);
}
Index: AccreditableManager.java
===================================================================
public interface AccreditableManager extends Component {
+ AttributeManager getAttributeManager();
}
Index: UserReference.java
===================================================================
+public abstract class UserReference implements Identifiable {
+ public UserReference(String id) {
+ public String getId() {
+ public Accreditable[] getAccreditables(AccreditableManager accrMgr) {
+ public abstract User getUser(AccreditableManager accrMgr);
+ public abstract boolean canGetUserFrom(AccreditableManager accrMgr);
+ protected Set getMatchingGroups(AccreditableManager accrMgr,
AttributeOwner user) {
+}
Index: file/FileIPRangeManager.java
===================================================================
public class FileIPRangeManager extends FileItemManager implements
IPRangeManager {
- public static FileIPRangeManager instance(File
configurationDirectory) throws AccessControlException {
+ public static synchronized FileIPRangeManager
instance(ServiceManager manager,
+ FileAccreditableManager accrMgr, Logger logger) throws
AccessControlException {
}
Index: file/FileRole.java
===================================================================
-public class FileRole extends AbstractRole {
+public class FileRole extends AbstractRole implements FileItem {
Index: file/FileIPRange.java
===================================================================
-public class FileIPRange extends AbstractIPRange implements Serializable {
+public class FileIPRange extends AbstractIPRange implements FileItem {
Index: file/FileGroupManager.java
===================================================================
public final class FileGroupManager extends FileItemManager implements
GroupManager {
- public static FileGroupManager instance(File configurationDirectory)
- throws AccessControlException {
- assert configurationDirectory != null;
+ public static synchronized FileGroupManager instance(ServiceManager
manager, FileAccreditableManager accrMgr,
+ Logger logger) throws AccessControlException {
+ public boolean contains(String groupId) {
+ public AttributeRuleEvaluator getAttributeRuleEvaluator() {
}
Index: file/FileItemManager.java
===================================================================
-public abstract class FileItemManager {
+public abstract class FileItemManager extends AbstractLogEnabled
implements ItemManager {
+ public AccreditableManager getAccreditableManager() {
+ public String getId() {
}
Index: file/FileUserManager.java
===================================================================
public class FileUserManager extends FileItemManager implements
UserManager {
- public static FileUserManager instance(File configurationDirectory,
UserType[] userTypes)
- throws AccessControlException {
+ public static synchronized FileUserManager instance(ServiceManager
manager, FileAccreditableManager accrMgr,
+ UserType[] userTypes, Logger logger) throws
AccessControlException {
+ public boolean contains(String userId) {
}
Index: file/FileGroup.java
===================================================================
-public class FileGroup extends AbstractGroup {
+public class FileGroup extends AbstractGroup implements FileItem {
Index: file/FileRoleManager.java
===================================================================
public final class FileRoleManager extends FileItemManager implements
RoleManager {
- public static FileRoleManager instance(File configurationDirectory)
- throws AccessControlException {
+ public static synchronized FileRoleManager instance(ServiceManager
manager, FileAccreditableManager accrMgr,
+ Logger logger) throws AccessControlException {
+ public boolean contains(String roleId) {
}
Index: file/FileAccreditableManager.java
===================================================================
+ public AttributeManager getAttributeManager() {
Index: file/FileItem.java
===================================================================
+public interface FileItem extends Item {
+ void setConfigurationDirectory(File configurationDirectory);
+ void configure(Configuration configuration) throws
ConfigurationException;
+}
Index: file/FileUser.java
===================================================================
-public class FileUser extends AbstractUser implements Serializable {
+public class FileUser extends AbstractUser implements FileItem {
Index: Policy.java
===================================================================
public interface Policy {
+ Accreditable[] getAccreditables(Role role);
}
Index: SimpleErrorHandler.java
===================================================================
+public class SimpleErrorHandler implements ErrorHandler {
+ public void error(String message) {
+ public Message[] getErrors() {
+ public void error(Message message) {
+}
Index: shibboleth/ShibbolethUserReference.java
===================================================================
+public class ShibbolethUserReference extends TransientUserReference {
+ public ShibbolethUserReference(TransientUser user) {
+}
Index: shibboleth/ShibbolethUtil.java
===================================================================
+public class ShibbolethUtil {
+ public ShibbolethUtil(ServiceManager manager) {
+ public String getHostUrl() {
+ public String getHostUrl(String url) {
Index: shibboleth/ShibbolethModule.java
===================================================================
+public class ShibbolethModule extends AbstractPageEnvelopeModule
implements Serviceable {
+ public Object getAttribute(String name, Configuration modeConf, Map
objectModel)
+ public void service(ServiceManager manager) throws ServiceException {
+}
Index: shibboleth/ShibbolethAuthenticator.java
===================================================================
+public class ShibbolethAuthenticator extends UserAuthenticator
implements Parameterizable,
+ Disposable {
+ public boolean authenticate(AccreditableManager
accreditableManager, Request request,
+ public String getLoginUri(Request request) {
+ public String getTargetUri(Request request) {
+ public void parameterize(Parameters params) throws ParameterException {
+ public AttributeSet getAttributeSet() {
+ public void dispose() {
+}
Index: AccessController.java
===================================================================
public interface AccessController extends Component {
- boolean authenticate(Request request) throws AccessControlException;
+ boolean authenticate(Request request, ErrorHandler handler) throws
AccessControlException;
- boolean authorize(Request request) throws AccessControlException;
+ boolean authorize(Request request, ErrorHandler errorHandler)
throws AccessControlException;
Index: UserManager.java
===================================================================
public interface UserManager extends ItemManager {
+ boolean contains(String userId);
}
Index: ManagedUserReference.java
===================================================================
+public class ManagedUserReference extends UserReference {
+ public ManagedUserReference(String id, String managerId) {
+ public User getUser(AccreditableManager accrMgr) {
+ public boolean canGetUserFrom(AccreditableManager accrMgr) {
+}
Index: saml/UserFieldsMapping.java
===================================================================
+public interface UserFieldsMapping {
+ String ROLE = UserFieldsMapping.class.getName();
+ String getFirstNameAttribute();
+ String getLastNameAttribute();
+ String getEMailAttribute();
+}
Index: saml/impl/UserFieldsMappingImpl.java
===================================================================
+public class UserFieldsMappingImpl extends AbstractLogEnabled
implements UserFieldsMapping,
+ Configurable, ThreadSafe {
+ public void configure(Configuration userfieldMappingConfig) throws
ConfigurationException {
+ public String getFirstNameAttribute() {
+ public String getLastNameAttribute() {
+ public String getEMailAttribute() {
+}
Index: saml/UserFieldsMapper.java
===================================================================
+public class UserFieldsMapper {
+ public UserFieldsMapper(ServiceManager manager, Map samlAttributes) {
+ public String getFirstName() {
+ public String getLastName() {
+ public String getEMail() {
+}
Index: Identifiable.java
===================================================================
-public interface Identifiable extends Accreditable {
+public interface Identifiable extends Serializable {
+ Accreditable[] getAccreditables(AccreditableManager manager);
}
Index: ErrorHandler.java
===================================================================
+public interface ErrorHandler {
+ void error(String message);
+ void error(Message message);
+ Message[] getErrors();
+}
Index: GroupManager.java
===================================================================
public interface GroupManager extends ItemManager {
+ boolean contains(String groupId);
}
Index: World.java
===================================================================
-public final class World implements Identifiable, Serializable {
+public final class World implements Identifiable, Accreditable,
Serializable {
- public Accreditable[] getAccreditables() {
+ public Accreditable[] getAccreditables(AccreditableManager manager) {
+ public String getName() {
}
Index: ManagedUser.java
===================================================================
+public interface ManagedUser extends User, Accreditable {
+ void delete() throws AccessControlException;
+ boolean authenticate(String password);
+ void setPassword(String plainTextPassword);
+ void save() throws AccessControlException;
+}
Index: Item.java
===================================================================
public interface Item {
- void setConfigurationDirectory(File configurationDirectory);
- void configure(Configuration configuration) throws
ConfigurationException;
}
--
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch
Tel.: +41 (0) 43 818 57 01
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
