org.apache.jetspeed.services.security
Interface RoleManagement

All Superinterfaces:

org.apache.turbine.services.Initable, org.apache.turbine.services.Service

All Known Implementing Classes:

LDAPRoleManagement, NoRoleManagement, TurbineRoleManagement

public interface RoleManagement

extends org.apache.turbine.services.Service

The RoleManagement interface describes contract between the portal and security provider required for Jetspeed Role Management. This interface enables an application to be independent of the underlying role management technology.

Version:

$Id: RoleManagement.java,v 1.4 2004/02/23 03:58:11 jford Exp $

Author:

David Sean Taylor, Mark Orciuch

Field Summary

static java.lang.String	DEFAULT_ROLE_NAME
static java.lang.String	SERVICE_NAME

Method Summary

void	addRole(Role role) Adds a Role into permanent storage.
Role	getRole(java.lang.String rolename) Retrieves a single Role for a given rolename principal.
java.util.Iterator	getRoles() Retrieves all Roles.
java.util.Iterator	getRoles(java.lang.String username) Retrieves all Roles for a given username principal.
void	grantRole(java.lang.String username, java.lang.String rolename) Grants a role to a user.
void	grantRole(java.lang.String username, java.lang.String rolename, java.lang.String groupName)
boolean	hasRole(java.lang.String username, java.lang.String rolename) Checks for the relationship of user has a role.
boolean	hasRole(java.lang.String username, java.lang.String rolename, java.lang.String groupname)
void	removeRole(java.lang.String rolename) Removes a Role from the permanent store.
void	revokeRole(java.lang.String username, java.lang.String rolename) Revokes a role from a user.
void	revokeRole(java.lang.String username, java.lang.String rolename, java.lang.String groupname)
void	saveRole(Role role) Saves a Role into permanent storage.

Methods inherited from interface org.apache.turbine.services.Service

getConfiguration, getName, getProperties, setName, setServiceBroker

Methods inherited from interface org.apache.turbine.services.Initable

getInit, init, init, setInitableBroker, shutdown

Field Detail

SERVICE_NAME

public static final java.lang.String SERVICE_NAME

See Also:

Constant Field Values

DEFAULT_ROLE_NAME

public static final java.lang.String DEFAULT_ROLE_NAME

See Also:

Constant Field Values

Method Detail

getRoles

public java.util.Iterator getRoles(java.lang.String username)
                            throws JetspeedSecurityException

Retrieves all Roles for a given username principal. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Parameters:

username - a user principal identity to be retrieved.

Returns:

Iterator over all roles associated to the user principal.

Throws:

RoleException - when the security provider has a general failure.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException

getRoles

public java.util.Iterator getRoles()
                            throws JetspeedSecurityException

Retrieves all Roles. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Returns:

Iterator over all roles.

Throws:

RoleException - when the security provider has a general failure.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException

addRole

public void addRole(Role role)
             throws JetspeedSecurityException

Adds a Role into permanent storage. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:

RoleException - when the security provider has a general failure.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException

saveRole

public void saveRole(Role role)
              throws JetspeedSecurityException

Saves a Role into permanent storage. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:

RoleException - when the security provider has a general failure.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException

removeRole

public void removeRole(java.lang.String rolename)
                throws JetspeedSecurityException

Removes a Role from the permanent store. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Parameters:

rolename - the principal identity of the role to be retrieved.

Throws:

RoleException - when the security provider has a general failure.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException

grantRole

public void grantRole(java.lang.String username,
                      java.lang.String rolename)
               throws JetspeedSecurityException

Grants a role to a user. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:

RoleException - when the security provider has a general failure retrieving roles.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException

grantRole

public void grantRole(java.lang.String username,
                      java.lang.String rolename,
                      java.lang.String groupName)
               throws JetspeedSecurityException

Throws:

JetspeedSecurityException

revokeRole

public void revokeRole(java.lang.String username,
                       java.lang.String rolename)
                throws JetspeedSecurityException

Revokes a role from a user. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:

RoleException - when the security provider has a general failure retrieving roles.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException

revokeRole

public void revokeRole(java.lang.String username,
                       java.lang.String rolename,
                       java.lang.String groupname)
                throws JetspeedSecurityException

Throws:

JetspeedSecurityException

hasRole

public boolean hasRole(java.lang.String username,
                       java.lang.String rolename)
                throws JetspeedSecurityException

Checks for the relationship of user has a role. Returns true when the user has the given role. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Throws:

RoleException - when the security provider has a general failure retrieving roles.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException

hasRole

public boolean hasRole(java.lang.String username,
                       java.lang.String rolename,
                       java.lang.String groupname)
                throws JetspeedSecurityException

Throws:

JetspeedSecurityException

getRole

public Role getRole(java.lang.String rolename)
             throws JetspeedSecurityException

Retrieves a single Role for a given rolename principal. The security service may optionally check the current user context to determine if the requestor has permission to perform this action.

Parameters:

rolename - a role principal identity to be retrieved.

Returns:

Role the role record retrieved.

Throws:

RoleException - when the security provider has a general failure.

InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege

JetspeedSecurityException