org.apache.jetspeed.services.security
Interface RoleManagement

All Superinterfaces:
org.apache.turbine.services.Initable, org.apache.turbine.services.Service
All Known Implementing Classes:
LDAPRoleManagement, NoRoleManagement, TurbineRoleManagement

public interface RoleManagement
extends org.apache.turbine.services.Service

The RoleManagement interface describes contract between the portal and security provider required for Jetspeed Role Management. This interface enables an application to be independent of the underlying role management technology.

Version:
$Id: RoleManagement.java,v 1.4 2004/02/23 03:58:11 jford Exp $
Author:
David Sean Taylor, Mark Orciuch

Field Summary
static java.lang.String DEFAULT_ROLE_NAME
           
static java.lang.String SERVICE_NAME
           
 
Method Summary
 void addRole(Role role)
          Adds a Role into permanent storage.
 Role getRole(java.lang.String rolename)
          Retrieves a single Role for a given rolename principal.
 java.util.Iterator getRoles()
          Retrieves all Roles.
 java.util.Iterator getRoles(java.lang.String username)
          Retrieves all Roles for a given username principal.
 void grantRole(java.lang.String username, java.lang.String rolename)
          Grants a role to a user.
 void grantRole(java.lang.String username, java.lang.String rolename, java.lang.String groupName)
           
 boolean hasRole(java.lang.String username, java.lang.String rolename)
          Checks for the relationship of user has a role.
 boolean hasRole(java.lang.String username, java.lang.String rolename, java.lang.String groupname)
           
 void removeRole(java.lang.String rolename)
          Removes a Role from the permanent store.
 void revokeRole(java.lang.String username, java.lang.String rolename)
          Revokes a role from a user.
 void revokeRole(java.lang.String username, java.lang.String rolename, java.lang.String groupname)
           
 void saveRole(Role role)
          Saves a Role into permanent storage.
 
Methods inherited from interface org.apache.turbine.services.Service
getConfiguration, getName, getProperties, setName, setServiceBroker
 
Methods inherited from interface org.apache.turbine.services.Initable
getInit, init, init, setInitableBroker, shutdown
 

Field Detail

SERVICE_NAME

public static final java.lang.String SERVICE_NAME
See Also:
Constant Field Values

DEFAULT_ROLE_NAME

public static final java.lang.String DEFAULT_ROLE_NAME
See Also:
Constant Field Values
Method Detail

getRoles

public java.util.Iterator getRoles(java.lang.String username)
                            throws JetspeedSecurityException
Retrieves all Roles for a given username principal. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Parameters:
username - a user principal identity to be retrieved.
Returns:
Iterator over all roles associated to the user principal.
Throws:
RoleException - when the security provider has a general failure.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException

getRoles

public java.util.Iterator getRoles()
                            throws JetspeedSecurityException
Retrieves all Roles. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Returns:
Iterator over all roles.
Throws:
RoleException - when the security provider has a general failure.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException

addRole

public void addRole(Role role)
             throws JetspeedSecurityException
Adds a Role into permanent storage. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:
RoleException - when the security provider has a general failure.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException

saveRole

public void saveRole(Role role)
              throws JetspeedSecurityException
Saves a Role into permanent storage. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:
RoleException - when the security provider has a general failure.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException

removeRole

public void removeRole(java.lang.String rolename)
                throws JetspeedSecurityException
Removes a Role from the permanent store. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Parameters:
rolename - the principal identity of the role to be retrieved.
Throws:
RoleException - when the security provider has a general failure.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException

grantRole

public void grantRole(java.lang.String username,
                      java.lang.String rolename)
               throws JetspeedSecurityException
Grants a role to a user. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:
RoleException - when the security provider has a general failure retrieving roles.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException

grantRole

public void grantRole(java.lang.String username,
                      java.lang.String rolename,
                      java.lang.String groupName)
               throws JetspeedSecurityException
Throws:
JetspeedSecurityException

revokeRole

public void revokeRole(java.lang.String username,
                       java.lang.String rolename)
                throws JetspeedSecurityException
Revokes a role from a user. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:
RoleException - when the security provider has a general failure retrieving roles.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException

revokeRole

public void revokeRole(java.lang.String username,
                       java.lang.String rolename,
                       java.lang.String groupname)
                throws JetspeedSecurityException
Throws:
JetspeedSecurityException

hasRole

public boolean hasRole(java.lang.String username,
                       java.lang.String rolename)
                throws JetspeedSecurityException
Checks for the relationship of user has a role. Returns true when the user has the given role. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:
RoleException - when the security provider has a general failure retrieving roles.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException

hasRole

public boolean hasRole(java.lang.String username,
                       java.lang.String rolename,
                       java.lang.String groupname)
                throws JetspeedSecurityException
Throws:
JetspeedSecurityException

getRole

public Role getRole(java.lang.String rolename)
             throws JetspeedSecurityException
Retrieves a single Role for a given rolename principal. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Parameters:
rolename - a role principal identity to be retrieved.
Returns:
Role the role record retrieved.
Throws:
RoleException - when the security provider has a general failure.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException


Copyright © 2000-2005 Apache Software Foundation. All Rights Reserved.