issrg.pba
Interface DelegatableToken

All Superinterfaces:
ParsedToken
All Known Implementing Classes:
DefaultDelegatableToken

public interface DelegatableToken
extends ParsedToken

This interface represents a implementation-independent Delegatable Authorisation Token. In default PERMIS RBAC the implementation-specific AuthZ Tokens are X.509 Attribute Certificates.


Method Summary
 Credentials getDelegateableCredentials()
          This method extracts the delegatable Credentials from the object representing the Authorisation Token.
 int getDepth()
          This method returns the depth of delegation chain allowed for the holder of this token. "0" means one level down, "1" means two leves down... "-1" means infinity.
 Subtree getSubjectDomain()
          This method returns a domain of subjects to whom the holder of the token can delegate the Delegateable Credentials to.
 
Methods inherited from interface issrg.pba.ParsedToken
getCredentials, getHolder, getIssuerTokenLocator
 

Method Detail

getDelegateableCredentials

public Credentials getDelegateableCredentials()
This method extracts the delegatable Credentials from the object representing the Authorisation Token.

The result is never null.

Returns:
Credentials is the delegatable Credentials that the Authorisation Token contains

getSubjectDomain

public Subtree getSubjectDomain()
This method returns a domain of subjects to whom the holder of the token can delegate the Delegateable Credentials to.


getDepth

public int getDepth()
This method returns the depth of delegation chain allowed for the holder of this token. "0" means one level down, "1" means two leves down... "-1" means infinity.