issrg.pba.rbac.x509
Class SimplePERMISACPolicyFinder
java.lang.Object
issrg.pba.rbac.PolicyFinder
issrg.pba.rbac.x509.SimplePERMISACPolicyFinder
- Direct Known Subclasses:
- RepositoryACPolicyFinder
- public class SimplePERMISACPolicyFinder
- extends PolicyFinder
This is a simple Policy Finder that can be instantiated from an instance of
an X.509 Attribute Certificate. It is useful to extend from: collect the
Attribute Certificates, then invoke initPolicyFromACArray to initialise the
Policy Finder.
- Author:
- gansen
Method Summary |
protected void |
initPolicyFromACArray(byte[][] acBinary,
java.lang.String policyID,
java.security.Principal SOA,
SignatureVerifier SV)
This method looks for the right policy among an array of X.509 Attribute
Certificates. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SimplePERMISACPolicyFinder
protected SimplePERMISACPolicyFinder()
SimplePERMISACPolicyFinder
public SimplePERMISACPolicyFinder(byte[] acBinary,
java.lang.String PolicyId,
java.security.Principal SOA,
SignatureVerifier SV)
throws PbaException
- This constructor builds a Policy Finder given an AC, the identifier of
the policy and the identity of the policy issuer. Only if the AC holds
the required policy construction succeeds. This constructor invokes the
initPolicyFromACArray directly, see that method description for
additional details.
- Parameters:
acBinary
- - the array of byte arrays, each representing a
BER-encoded or Base64 encoding of a BER-encoded X.509 ACSOA
- - the Principal naming the issuer of the policy (must be the
Holder and Issuer of the self-signed Attribute Certificate)SV
- - the SignatureVerifier to use; if null, digital signatures on
the ACs are not checked (NOT RECOMMENDED FOR PRODUCTION DEPLOYMENTS!)
initPolicyFromACArray
protected void initPolicyFromACArray(byte[][] acBinary,
java.lang.String policyID,
java.security.Principal SOA,
SignatureVerifier SV)
throws PbaException
- This method looks for the right policy among an array of X.509 Attribute
Certificates. The policy is identified by its Policy ID (OID in PERMIS
XML) and the name of the issuer of the policy. The signatures on the
ACs are validated using the SignatureVerifier provided, if any.
- Parameters:
acBinary
- - the array of byte arrays, each representing a
BER-encoded or Base64 encoding of a BER-encoded X.509 ACpolicyID
- - the identifier of the policy to useSOA
- - the Principal naming the issuer of the policy (must be the
Holder and Issuer of the self-signed Attribute Certificate)SV
- - the SignatureVerifier to use; if null, digital signatures on
the ACs are not checked (NOT RECOMMENDED FOR PRODUCTION DEPLOYMENTS!)
- Throws:
PbaException