issrg.pba.repository
Interface AuthzTokenRepository

All Known Implementing Classes:
SimplePERMISAuthzTokenRepository

public interface AuthzTokenRepository

This interface specifies the way Authorisation Tokens should be retrieved. The implementations should return tokens that can be parsed from which the credentials can then be extracted.

Version:
1.0
Author:
A Otenko

Method Summary
 javax.naming.directory.Attribute getAuthTokens(TokenLocator subject)
          This method retrieves Authorisation Tokens (as directory attributes) for a given entry from the repository.
 ParsedToken[] getParsedAuthTokens(TokenLocator subject)
          This method returns the all the related tokens in a parsed form.
 

Method Detail

getAuthTokens

javax.naming.directory.Attribute getAuthTokens(TokenLocator subject)
                                               throws PbaException
This method retrieves Authorisation Tokens (as directory attributes) for a given entry from the repository. The TokenLocator (name of the holder and some alternative name) is the locator of the Token. Note that the returned authorisation tokens may be valid or invalid according to the PERMIS policy, and may be authentic or not authentic ( as determined later by the signature verification).

Parameters:
subject - is the TokenLocator of the holder of the authorisation token
Returns:
a collection of authorisation tokens (as directory attributes) associated with the subject and held in its entry in the repository, or null if no tokens were contained within the entry. Note that implementations should throw an exception if a subject entry does not exist in the repository.
Throws:
PbaException - in case of any error while retrieving the tokens

getParsedAuthTokens

ParsedToken[] getParsedAuthTokens(TokenLocator subject)
                                  throws PbaException
This method returns the all the related tokens in a parsed form. Implementation of this function may be able to retrieve related tokens from a repository, and parse the retrieved tokens.

Effectively, this method should be the same as calling getAuthTokens, then parsing them with a preconfigured AuthTokenParser, ignoring the malformed Authorization Tokens.

Parameters:
subject - is the TokenLocator of the holder of the authorisation token
Returns:
an array of parsed tokens. It is never null, but some entries in the array may be null. Empty array may be retruned meaning that no tokens are available.
Throws:
PbaException