issrg.pba.rbac
Class PermisCredentials

java.lang.Object
  extended by issrg.pba.rbac.SubsetCredentials
      extended by issrg.pba.rbac.RoleBasedCredentials
          extended by issrg.pba.rbac.PermisCredentials
All Implemented Interfaces:
Credentials, Role, java.lang.Cloneable

public class PermisCredentials
extends RoleBasedCredentials

This is the implementation of the credential for a role based scheme with a hierarchy. It combines a roleType and a roleValue. The roleType is a string, and will be the LDAP name of the AC attribute type. The roleValue will be a RoleHierarchyNode (containing the actual role value) and will be the attribute value.

Version:
0.2
Author:
A. Otenko, E. Ball, D. Chadwick

Field Summary
 
Fields inherited from class issrg.pba.rbac.RoleBasedCredentials
roleType
 
Constructor Summary
protected PermisCredentials()
           
  PermisCredentials(RoleHierarchyNode roleValue)
          This is the constructor that builds the object by specifying its RoleHierarchyNode (the node that is aware of the hierarchy structure).
  PermisCredentials(java.lang.String roleType)
          This is the constructor that builds the object by specifying its RoleType (the name, used in the Policy XML).
 
Method Summary
 java.lang.Object clone()
          This method creates a copy of the object.
 boolean contains(Credentials c)
          This method returns the result of comparing these credentials to the given credentials.
 java.lang.Object getRoleValue()
          This method returns the attribute value of the Role.
 java.lang.String getRoleValueAsString()
          This method returns the role value as a String.
 Credentials intersection(Credentials what)
          This method overrides the inherited intersection method to optimise the intersection of two PermisCredentials, one of which is "ANY VALUE".
 Credentials union(Credentials what)
          This method overrides the inherited union method to optimise the union of two PermisCredentials, one of which is "ANY VALUE".
 
Methods inherited from class issrg.pba.rbac.RoleBasedCredentials
getRoleType, getRoleValues, newCredentials, toString
 
Methods inherited from class issrg.pba.rbac.SubsetCredentials
equals
 
Methods inherited from class java.lang.Object
finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

PermisCredentials

protected PermisCredentials()

PermisCredentials

public PermisCredentials(java.lang.String roleType)
This is the constructor that builds the object by specifying its RoleType (the name, used in the Policy XML). This constructor should be used only for building the "ANY VALUE" role, which is used in the Policy, and can never be granted to a user.

Parameters:
roleType - is the type of the Role

PermisCredentials

public PermisCredentials(RoleHierarchyNode roleValue)
This is the constructor that builds the object by specifying its RoleHierarchyNode (the node that is aware of the hierarchy structure). Note that RoleHierarchyNodes are constructed by XMLPolicyParser. The role based AuthTokenParsers should use the hierarchy defined by XMLPolicyParser, when constructing PermisCredentials; without this the PermisCredentials cannot discover hierarchical relationships between the roles.

Parameters:
roleValue - is the node, representing the value of the Role; cannot be null
Method Detail

getRoleValueAsString

public java.lang.String getRoleValueAsString()
This method returns the role value as a String.

Returns:
the String representation of the Role value (Permis Roles have only string values), as specified in the Policy XML, or null, if any value is matched by this object

getRoleValue

public java.lang.Object getRoleValue()
This method returns the attribute value of the Role. It is inherited from the RoleBasedCredential, and its use is limited, like that of getRoleValueAsString. In fact, it does the same.

Specified by:
getRoleValue in interface Role
Overrides:
getRoleValue in class RoleBasedCredentials
Returns:
the String that is the value of the Role
See Also:
getRoleValueAsString()

contains

public boolean contains(Credentials c)
This method returns the result of comparing these credentials to the given credentials.

Specified by:
contains in interface Credentials
Overrides:
contains in class RoleBasedCredentials
Parameters:
c - is the credentials to compare to
Returns:
true if the given Credentials is castable to PermisCredentials, and the Role, allocated to this object is superior or equal to the Role of the given Credentials, as specified by the Role Hierarchy in the Policy XML
See Also:
SetOfSubsetsCredentials

intersection

public Credentials intersection(Credentials what)
This method overrides the inherited intersection method to optimise the intersection of two PermisCredentials, one of which is "ANY VALUE".

Specified by:
intersection in interface Credentials
Overrides:
intersection in class SubsetCredentials
Parameters:
what - is the credential to intersect with
Returns:
the Credential that is the intersection of the two

union

public Credentials union(Credentials what)
This method overrides the inherited union method to optimise the union of two PermisCredentials, one of which is "ANY VALUE".

Specified by:
union in interface Credentials
Overrides:
union in class SubsetCredentials
Parameters:
what - is the credentials object to join with
Returns:
the Credentials object that is the union of the two

clone

public java.lang.Object clone()
This method creates a copy of the object.

Specified by:
clone in interface Credentials
Overrides:
clone in class RoleBasedCredentials
Returns:
a PermisCredential object with the same properties as this object