001 /* AuthorizeCallback.java --
002 Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
003
004 This file is part of GNU Classpath.
005
006 GNU Classpath is free software; you can redistribute it and/or modify
007 it under the terms of the GNU General Public License as published by
008 the Free Software Foundation; either version 2, or (at your option)
009 any later version.
010
011 GNU Classpath is distributed in the hope that it will be useful, but
012 WITHOUT ANY WARRANTY; without even the implied warranty of
013 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014 General Public License for more details.
015
016 You should have received a copy of the GNU General Public License
017 along with GNU Classpath; see the file COPYING. If not, write to the
018 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019 02110-1301 USA.
020
021 Linking this library statically or dynamically with other modules is
022 making a combined work based on this library. Thus, the terms and
023 conditions of the GNU General Public License cover the whole
024 combination.
025
026 As a special exception, the copyright holders of this library give you
027 permission to link this library with independent modules to produce an
028 executable, regardless of the license terms of these independent
029 modules, and to copy and distribute the resulting executable under
030 terms of your choice, provided that you also meet, for each linked
031 independent module, the terms and conditions of the license of that
032 module. An independent module is a module which is not derived from
033 or based on this library. If you modify this library, you may extend
034 this exception to your version of the library, but you are not
035 obligated to do so. If you do not wish to do so, delete this
036 exception statement from your version. */
037
038
039 package javax.security.sasl;
040
041 import java.io.Serializable;
042 import javax.security.auth.callback.Callback;
043
044 /**
045 * This callback is used by {@link SaslServer} to determine whether one entity
046 * (identified by an authenticated authentication ID) can act on behalf of
047 * another entity (identified by an authorization ID).
048 *
049 * @since 1.5
050 */
051 public class AuthorizeCallback implements Callback, Serializable
052 {
053 // Constants and variables
054 // -------------------------------------------------------------------------
055
056 private static final long serialVersionUID = -2353344186490470805L;
057
058 /** @serial The (authenticated) authentication id to check. */
059 private String authenticationID = null;
060
061 /** @serial The authorization id to check. */
062 private String authorizationID = null;
063
064 /**
065 * @serial The id of the authorized entity. If null, the id of the authorized
066 * entity is authorizationID.
067 */
068 private String authorizedID = null;
069
070 /**
071 * @serial A flag indicating whether the authentication id is allowed to act
072 * on behalf of the authorization id.
073 */
074 private boolean authorized = false;
075
076 // Constructor(s)
077 // -------------------------------------------------------------------------
078
079 /**
080 * Constructs an instance of <code>AuthorizeCallback</code>.
081 *
082 * @param authnID the (authenticated) authentication ID.
083 * @param authzID the authorization ID.
084 */
085 public AuthorizeCallback(String authnID, String authzID)
086 {
087 super();
088
089 this.authenticationID = authnID;
090 this.authorizationID = authzID;
091 }
092
093 // Class methods
094 // -------------------------------------------------------------------------
095
096 // Instance methods
097 // -------------------------------------------------------------------------
098
099 /**
100 * Returns the authentication ID to check.
101 *
102 * @return the authentication ID to check
103 */
104 public String getAuthenticationID()
105 {
106 return authenticationID;
107 }
108
109 /**
110 * Returns the authorization ID to check.
111 *
112 * @return the authorization ID to check.
113 */
114 public String getAuthorizationID()
115 {
116 return authorizationID;
117 }
118
119 /**
120 * Determines if the identity represented by authentication ID is allowed to
121 * act on behalf of the authorization ID.
122 *
123 * @return <code>true</code> if authorization is allowed; <code>false</code>
124 * otherwise.
125 * @see #setAuthorized(boolean)
126 * @see #getAuthorizedID()
127 */
128 public boolean isAuthorized()
129 {
130 return authorized;
131 }
132
133 /**
134 * Sets if authorization is allowed or not.
135 *
136 * @param authorized <code>true</code> if authorization is allowed;
137 * <code>false</code> otherwise.
138 * @see #isAuthorized()
139 * @see #setAuthorizedID(String)
140 */
141 public void setAuthorized(boolean authorized)
142 {
143 this.authorized = authorized;
144 }
145
146 /**
147 * Returns the ID of the authorized user.
148 *
149 * @return the ID of the authorized user. <code>null</code> means the
150 * authorization failed.
151 * @see #setAuthorized(boolean)
152 * @see #setAuthorizedID(String)
153 */
154 public String getAuthorizedID()
155 {
156 if (!authorized)
157 {
158 return null;
159 }
160 return (authorizedID != null ? authorizedID : authorizationID);
161 }
162
163 /**
164 * Sets the ID of the authorized entity. Called by handler only when the ID
165 * is different from {@link #getAuthorizationID()}. For example, the ID might
166 * need to be canonicalized for the environment in which it will be used.
167 *
168 * @see #setAuthorized(boolean)
169 * @see #getAuthorizedID()
170 */
171 public void setAuthorizedID(String id)
172 {
173 this.authorizedID = id;
174 }
175 }