issrg.pba.rbac
Class PermisSubject

java.lang.Object
  extended by issrg.pba.rbac.PermisSubject
All Implemented Interfaces:
Subject
Direct Known Subclasses:
HandlerSubject, ManagedPermisSubject

public class PermisSubject
extends java.lang.Object
implements Subject

The Permis implementation of a subject. It knows the holder and its credentials, it contains additional service for checking the credentials validity. It knows what policy it is applicable to, and works for one PermisRBAC object only.

Version:
0.2
Author:
A Otenko, E Ball, D W Chadwick

Field Summary
protected  PBAAPI owner
           
protected  java.lang.String PolicyOID
           
 
Constructor Summary
protected PermisSubject()
           
protected PermisSubject(PBAAPI owner, java.security.Principal DN, CredentialsService service, java.lang.String PolicyOID, Credentials creds)
          This constructor builds a subject from a distinguished name and the credentials the holder possesses.
 
Method Summary
 Credentials exportCreds()
          This method returns the Credentials (roles for the Permis project) of the subject.
 java.security.Principal getHolder()
          This method returns the distinguished name of the subject.
 java.lang.String getName()
          This method returns the distinguished name of the subject as a string.
 PBAAPI getOwner()
          This method returns the owner of the Subject object.
 CredentialsService getService()
          This method returns the object providing additional service on the set of credentials.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

PolicyOID

protected java.lang.String PolicyOID

owner

protected PBAAPI owner
Constructor Detail

PermisSubject

protected PermisSubject()

PermisSubject

protected PermisSubject(PBAAPI owner,
                        java.security.Principal DN,
                        CredentialsService service,
                        java.lang.String PolicyOID,
                        Credentials creds)
This constructor builds a subject from a distinguished name and the credentials the holder possesses.

Parameters:
owner - is the reference to the PBA API implementation that has created this object; so the owner could ensure it uses the subject for the right policy
DN - the distinguished name of the subject
service - is the run-time restriction on use of the credential set contained within this Subject
policyOID - The OID of the policy controlling the subject
creds - the Credential of the subject
Method Detail

exportCreds

public Credentials exportCreds()
This method returns the Credentials (roles for the Permis project) of the subject.

Specified by:
exportCreds in interface Subject
Returns:
the Credential of the subject

getHolder

public java.security.Principal getHolder()
This method returns the distinguished name of the subject.

Specified by:
getHolder in interface Subject
Returns:
the Principal, representing the name of the holder

getName

public java.lang.String getName()
This method returns the distinguished name of the subject as a string.

Returns:
the String representation of the holder name

getService

public CredentialsService getService()
This method returns the object providing additional service on the set of credentials.

Specified by:
getService in interface Subject
Returns:
the CredentialService instance; can be null, if no additional services were attached to the credentials

getOwner

public PBAAPI getOwner()
This method returns the owner of the Subject object.

Specified by:
getOwner in interface Subject
Returns:
the parent PBAAPI