issrg.pba
Interface DelegatableToken

All Superinterfaces:
ParsedToken
All Known Implementing Classes:
DefaultDelegatableToken, WebDAVRevocableDelegatableParsedToken

public interface DelegatableToken
extends ParsedToken

This interface represents a implementation-independent Delegatable Authorisation Token. In default PERMIS RBAC the implementation-specific AuthZ Tokens are X.509 Attribute Certificates.


Method Summary
 Credentials getDelegateableCredentials()
          This method extracts the delegatable Credentials from the object representing the Authorisation Token.
 int getDepth()
          This method returns the depth of delegation chain allowed for the holder of this token.
 Subtree getSubjectDomain()
          This method returns a domain of subjects to whom the holder of the token can delegate the Delegateable Credentials to.
 
Methods inherited from interface issrg.pba.ParsedToken
getCredentials, getHolder, getIssuerTokenLocator, isRevocable
 

Method Detail

getDelegateableCredentials

Credentials getDelegateableCredentials()
This method extracts the delegatable Credentials from the object representing the Authorisation Token.

The result is never null.

Returns:
Credentials is the delegatable Credentials that the Authorisation Token contains

getSubjectDomain

Subtree getSubjectDomain()
This method returns a domain of subjects to whom the holder of the token can delegate the Delegateable Credentials to.


getDepth

int getDepth()
This method returns the depth of delegation chain allowed for the holder of this token. "0" means one level down, "1" means two leves down... "-1" means infinity.