issrg.pba
Interface Subject

All Known Subinterfaces:

ManagedSubject

All Known Implementing Classes:

HandlerSubject, ManagedPermisSubject, PermisSubject

public interface Subject

This is an interface defining basic operations on a Subject. A Subject object can tell the name of the holder, the set of credentials and contains a CredentialService object, which provides additional service on the set of credentials for the AEF (Access decision Enforcement Function, as per ISO 10181-3 access control framework).

Version:

0.2

Author:

A Otenko

Method Summary

Credentials	exportCreds() This method returns the set of credentials owned by the holder.
java.security.Principal	getHolder() This method returns the holder of the set of the credentials.
PBAAPI	getOwner() This method returns the owner of the Subject object, so the owner can ensure it uses its own Subjects (and not forged by someone else, or for expired policy).
CredentialsService	getService() This method returns the service object.

Method Detail

getHolder

java.security.Principal getHolder()

This method returns the holder of the set of the credentials.

Returns:

the holders principal object

exportCreds

Credentials exportCreds()

This method returns the set of credentials owned by the holder. In fact, this is the Initiator's ADI (see ISO 10181-3).

Returns:

the credentials for the subject

getService

CredentialsService getService()

This method returns the service object. Such objects provide additional help for the AEF by checking the Session Time, for example. There can be no service set for a Subject, in which case null should be returned.

Returns:

The Credentials service contained by the subject

getOwner

PBAAPI getOwner()

This method returns the owner of the Subject object, so the owner can ensure it uses its own Subjects (and not forged by someone else, or for expired policy).

Returns:

the parent PBAAPI