issrg.pba.rbac
Class CustomisePERMIS

java.lang.Object
  extended by issrg.pba.rbac.CustomisePERMIS

public class CustomisePERMIS
extends java.lang.Object

This class should be used to customise the components PERMIS RBAC uses.

These include:

Calls to CustomisePERMIS and the creation of PermisRBAC should be placed in a synchronized block, so that other threads do not modify your settings.
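An added example (not part of the PERMIS documentation or code base) of the synchronized-block advice above: the settings are process-wide statics, and replacing them does not affect objects already created, so the configuration and the PermisRBAC construction run under one lock. The helper class name, the choice of CustomisePERMIS.class as the lock, the clock class name and the LDAP attribute value are assumptions; the caller supplies the PermisRBAC construction as a Callable because its constructor is not documented on this page.

```java
import issrg.pba.rbac.CustomisePERMIS;
import java.util.concurrent.Callable;

// Hypothetical bootstrap helper; uses only the CustomisePERMIS methods listed on this page.
public final class PermisBootstrap {
    // Assumption: every thread that customises PERMIS goes through this helper,
    // so the CustomisePERMIS class object can serve as the shared lock.
    private static final Object LOCK = CustomisePERMIS.class;

    // Hypothetical class name; it must be on the classpath and usable as a PERMIS Clock.
    private static final String TRUSTED_CLOCK = "com.example.security.TrustedClock";
    // Sample LDAP attribute name chosen for this example.
    private static final String AC_ATTRIBUTE = "attributeCertificateAttribute";

    private PermisBootstrap() {
    }

    /**
     * Applies the settings, then runs pdpFactory (which should create the
     * PermisRBAC instance) while still holding the lock.
     */
    public static <T> T configureAndBuild(Callable<T> pdpFactory) throws Exception {
        synchronized (LOCK) {
            // Register the X.509 AC token parser and the default AC extensions.
            CustomisePERMIS.configureX509Flavour();
            // Throws ClassNotFoundException if the clock class is missing.
            CustomisePERMIS.setSystemClock(TRUSTED_CLOCK);
            CustomisePERMIS.setAttributeCertificateAttribute(AC_ATTRIBUTE);

            // Fail closed if code that bypasses the lock changed the static
            // state between the setter call and this check.
            if (!AC_ATTRIBUTE.equals(CustomisePERMIS.getAttributeCertificateAttribute())) {
                throw new IllegalStateException("PERMIS settings changed during configuration");
            }

            // Settings only apply to objects created from now on, so the
            // PermisRBAC instance is built before the lock is released.
            return pdpFactory.call();
        }
    }
}
```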

Version:
1.0
Author:
A.Otenko

Field Summary
protected static java.lang.Class authTokenParser
          The class of the default AuthTokenParser (issrg.simplePERMIS.SimplePERMISTokenParser).
static java.lang.Class comparator
          This is the default Role Assignment Rule Comparator, used to optimise the delegation chain validation by applying the most relevant Role Assignment Rules first.
static Clock systemClock
          This is the secure source of time used by PERMIS.
 
Constructor Summary
CustomisePERMIS()
           
 
Method Summary
static void addURLHandler(java.lang.String className)
          This method adds a URL Handler.
static void configureX509Flavour()
          This is the method to configure X.509 flavour into PERMIS: after this PERMIS will accept X.509 ACs by default.
static java.lang.String getAttributeCertificateAttribute()
          This method returns the LDAP attribute name used to retrieve the Attribute Certificates.
static AuthTokenParser getAuthTokenParser()
          This method returns an instance of an AuthTokenParser configured into PERMIS.
static RuleComparator getComparator()
          This method returns an instance of the default Role Assignment Rule Comparator.
static Clock getSystemClock()
          This method returns the clock that will be used for calculating relative validity periods and a time reference for decision-making.
static java.lang.String getUserCertificateAttribute()
          This method returns the LDAP attribute name used to retrieve the Public Key Certificates.
static void registerACExtensions()
          This method registers the default X.509 AC extension parsing classes.
static void registerACExtensions(java.lang.String[] exts)
          This method registers the X.509 AC extension parsing classes provided in addition to the already registered extensions.
static void setAttributeCertificateAttribute(java.lang.String id)
          This method sets the LDAP attribute name used to retrieve the Attribute Certificates.
static void setAuthTokenParser(java.lang.String className)
          Sets the default Auth Token Parser to be used by PERMIS.
static void setComparator(java.lang.String className)
          This method sets the name of the class of the default Role Assignment Rule Comparator.
static void setSystemClock(java.lang.String className)
          Sets the default System Clock to be used by PERMIS.
static void setUserCertificateAttribute(java.lang.String id)
          This method sets the LDAP attribute name used to retrieve the Public Key Certificates.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

systemClock

public static Clock systemClock
This is the secure source of time used by PERMIS.


authTokenParser

protected static java.lang.Class authTokenParser
The class of the default AuthTokenParser (issrg.simplePERMIS.SimplePERMISTokenParser).


comparator

public static java.lang.Class comparator
This is the default Role Assignment Rule Comparator, used to optimise the delegation chain validation by applying the most relevant Role Assignment Rules first.

See Also:
RuleComparator
Constructor Detail

CustomisePERMIS

public CustomisePERMIS()
Method Detail

getSystemClock

public static Clock getSystemClock()
This method returns the clock that will be used for calculating relative validity periods and a time reference for decision-making. Replace it using setSystemClock with your implementation, if you find SystemClock is not secure enough.

Replacing the value does not affect any of the objects already created.


getAuthTokenParser

public static AuthTokenParser getAuthTokenParser()
This method returns an instance of an AuthTokenParser configured into PERMIS.


setAuthTokenParser

public static void setAuthTokenParser(java.lang.String className)
                               throws java.lang.ClassNotFoundException
Sets the default Auth Token Parser to be used by PERMIS. The default is issrg.simplePERMIS.SimplePERMISTokenParser, but other implementations may need a parser for a different token format.

Parameters:
className - the name of the class to use as the authorisation token parser
Throws:
java.lang.ClassNotFoundException
See Also:
SimplePERMISTokenParser

setSystemClock

public static void setSystemClock(java.lang.String className)
                           throws java.lang.ClassNotFoundException
Sets the default System Clock to be used by PERMIS. The default is issrg.pba.rbac.SystemClock, but other implementations may need a secure timestamping clock.

Parameters:
className - the name of the class to use as the system clock
Throws:
java.lang.ClassNotFoundException
See Also:
SystemClock

addURLHandler

public static void addURLHandler(java.lang.String className)
                          throws java.lang.ClassNotFoundException
This method adds a URL Handler. This helps XMLParser to construct the policy representation.

Parameters:
className - the name of the class to be added as a URLHandler.
Throws:
java.lang.ClassNotFoundException
See Also:
URLHandler

configureX509Flavour

public static void configureX509Flavour()
                                 throws PbaException
This is the method to configure X.509 flavour into PERMIS: after this PERMIS will accept X.509 ACs by default.

The method registers the default AuthTokenParser that supports X.509 Attribute Certificates and registers all the AC Extensions.

Throws:
PbaException

getAttributeCertificateAttribute

public static java.lang.String getAttributeCertificateAttribute()
This method returns the LDAP attribute name used to retrieve the Attribute Certificates.


setAttributeCertificateAttribute

public static void setAttributeCertificateAttribute(java.lang.String id)
This method sets the LDAP attribute name used to retrieve the Attribute Certificates.


getUserCertificateAttribute

public static java.lang.String getUserCertificateAttribute()
This method returns the LDAP attribute name used to retrieve the Public Key Certificates.


setUserCertificateAttribute

public static void setUserCertificateAttribute(java.lang.String id)
This method sets the LDAP attribute name used to retrieve the Public Key Certificates.


registerACExtensions

public static void registerACExtensions()
                                 throws PbaException
This method registers the default X.509 AC extension parsing classes.

Throws:
PbaException

registerACExtensions

public static void registerACExtensions(java.lang.String[] exts)
                                 throws PbaException
This method registers the X.509 AC extension parsing classes provided in addition to the already registered extensions.

Throws:
PbaException

getComparator

public static RuleComparator getComparator()
This method returns an instance of the default Role Assignment Rule Comparator.

See Also:
RuleComparator

setComparator

public static void setComparator(java.lang.String className)
                          throws java.lang.ClassNotFoundException
This method sets the name of the class of the default Role Assignment Rule Comparator. It checks that it implements the RuleComparator interface.

Throws:
java.lang.ClassNotFoundException
See Also:
RuleComparator