releases/latest/javadoc/org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html - geode-site - Git at Google

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <!-- NewPage -->
 <html lang="en">
 <head>
 <!-- Generated by javadoc -->
 <title>MethodInvocationAuthorizer (Apache Geode 1.15.1)</title>
 <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
 <script type="text/javascript" src="../../../../../../script.js"></script>
 </head>
 <body>
 <script type="text/javascript"><!--
     try {
         if (location.href.indexOf('is-external=true') == -1) {
             parent.document.title="MethodInvocationAuthorizer (Apache Geode 1.15.1)";
         }
     }
     catch(err) {
     }
 //-->
 var methods = {"i0":6,"i1":18};
 var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"],16:["t5","Default Methods"]};
 var altColor = "altColor";
 var rowColor = "rowColor";
 var tableTab = "tableTab";
 var activeTableTab = "activeTableTab";
 </script>
 <noscript>
 <div>JavaScript is disabled on your browser.</div>
 </noscript>
 <!-- ========= START OF TOP NAVBAR ======= -->
 <div class="topNav"><a name="navbar.top">
 <!--   -->
 </a>
 <div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
 <a name="navbar.top.firstrow">
 <!--   -->
 </a>
 <ul class="navList" title="Navigation">
 <li><a href="../../../../../../overview-summary.html">Overview</a></li>
 <li><a href="package-summary.html">Package</a></li>
 <li class="navBarCell1Rev">Class</li>
 <li><a href="package-tree.html">Tree</a></li>
 <li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
 <li><a href="../../../../../../index-all.html">Index</a></li>
 <li><a href="../../../../../../help-doc.html">Help</a></li>
 </ul>
 </div>
 <div class="subNav">
 <ul class="navList">
 <li><a href="../../../../../../org/apache/geode/cache/query/security/JavaBeanAccessorMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
 <li><a href="../../../../../../org/apache/geode/cache/query/security/RegExMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security"><span class="typeNameLink">Next&nbsp;Class</span></a></li>
 </ul>
 <ul class="navList">
 <li><a href="../../../../../../index.html?org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html" target="_top">Frames</a></li>
 <li><a href="MethodInvocationAuthorizer.html" target="_top">No&nbsp;Frames</a></li>
 </ul>
 <ul class="navList" id="allclasses_navbar_top">
 <li><a href="../../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
 </ul>
 <div>
 <script type="text/javascript"><!--
   allClassesLink = document.getElementById("allclasses_navbar_top");
   if(window==top) {
     allClassesLink.style.display = "block";
   }
   else {
     allClassesLink.style.display = "none";
   }
   //-->
 </script>
 </div>
 <div>
 <ul class="subNavList">
 <li>Summary:&nbsp;</li>
 <li>Nested&nbsp;|&nbsp;</li>
 <li>Field&nbsp;|&nbsp;</li>
 <li>Constr&nbsp;|&nbsp;</li>
 <li><a href="#method.summary">Method</a></li>
 </ul>
 <ul class="subNavList">
 <li>Detail:&nbsp;</li>
 <li>Field&nbsp;|&nbsp;</li>
 <li>Constr&nbsp;|&nbsp;</li>
 <li><a href="#method.detail">Method</a></li>
 </ul>
 </div>
 <a name="skip.navbar.top">
 <!--   -->
 </a></div>
 <!-- ========= END OF TOP NAVBAR ========= -->
 <!-- ======== START OF CLASS DATA ======== -->
 <div class="header">
 <div class="subTitle">org.apache.geode.cache.query.security</div>
 <h2 title="Interface MethodInvocationAuthorizer" class="title">Interface MethodInvocationAuthorizer</h2>
 </div>
 <div class="contentContainer">
 <div class="description">
 <ul class="blockList">
 <li class="blockList">
 <dl>
 <dt>All Known Implementing Classes:</dt>
 <dd><a href="../../../../../../org/apache/geode/examples/security/ExampleAnnotationBasedMethodInvocationAuthorizer.html" title="class in org.apache.geode.examples.security">ExampleAnnotationBasedMethodInvocationAuthorizer</a>, <a href="../../../../../../org/apache/geode/cache/query/security/JavaBeanAccessorMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security">JavaBeanAccessorMethodAuthorizer</a>, <a href="../../../../../../org/apache/geode/cache/query/security/RegExMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security">RegExMethodAuthorizer</a>, <a href="../../../../../../org/apache/geode/cache/query/security/RestrictedMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security">RestrictedMethodAuthorizer</a>, <a href="../../../../../../org/apache/geode/cache/query/security/UnrestrictedMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security">UnrestrictedMethodAuthorizer</a></dd>
 </dl>
 <hr>
 <br>
 <pre>public interface <span class="typeNameLabel">MethodInvocationAuthorizer</span></pre>
 <div class="block">The root interface that should be implemented by method invocation authorizer instances.
  The authorizer is responsible for determining whether a <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect"><code>Method</code></a> is
  allowed to be executed on a specific <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang"><code>Object</code></a> instance. Implementations of this
  interface should provide a no-arg constructor.
  <p>

  There are mainly four security risks when allowing users to execute arbitrary methods in OQL,
  which should be addressed by implementations of this interface:
  <ul>
  <li><code>Java Reflection</code>: do anything through <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#getClass--" title="class or interface in java.lang"><code>Object.getClass()</code></a> or similar.
  <li><code>Cache Modification</code>: execute <a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache"><code>Cache</code></a> operations (close, get regions, etc.).
  <li><code>Region Modification</code>: execute <a href="../../../../../../org/apache/geode/cache/Region.html" title="interface in org.apache.geode.cache"><code>Region</code></a> operations (destroy, invalidate, etc.).
  <li><code>Region Entry Modification</code>: execute in-place modifications on the region entries.
  </ul>
  <p>

  Implementations of this interface should be thread-safe: multiple threads might be authorizing
  several method invocations using the same instance at the same time.</div>
 </li>
 </ul>
 </div>
 <div class="summary">
 <ul class="blockList">
 <li class="blockList">
 <!-- ========== METHOD SUMMARY =========== -->
 <ul class="blockList">
 <li class="blockList"><a name="method.summary">
 <!--   -->
 </a>
 <h3>Method Summary</h3>
 <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
 <caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t5" class="tableTab"><span><a href="javascript:show(16);">Default Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
 <tr>
 <th class="colFirst" scope="col">Modifier and Type</th>
 <th class="colLast" scope="col">Method and Description</th>
 </tr>
 <tr id="i0" class="altColor">
 <td class="colFirst"><code>boolean</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html#authorize-java.lang.reflect.Method-java.lang.Object-">authorize</a></span>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect">Method</a>&nbsp;method,
          <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a>&nbsp;target)</code>
 <div class="block">Executes the authorization logic to determine whether the <code>method</code> is allowed to be
  executed on the <code>target</code> object instance.</div>
 </td>
 </tr>
 <tr id="i1" class="rowColor">
 <td class="colFirst"><code>default void</code></td>
 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html#initialize-org.apache.geode.cache.Cache-java.util.Set-">initialize</a></span>(<a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache">Cache</a>&nbsp;cache,
           <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&gt;&nbsp;parameters)</code>
 <div class="block">Initializes the MethodInvocationAuthorizer using a <a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache"><code>Cache</code></a> and a <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util"><code>Set</code></a> of
  <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang"><code>String</code></a> parameters.</div>
 </td>
 </tr>
 </table>
 </li>
 </ul>
 </li>
 </ul>
 </div>
 <div class="details">
 <ul class="blockList">
 <li class="blockList">
 <!-- ============ METHOD DETAIL ========== -->
 <ul class="blockList">
 <li class="blockList"><a name="method.detail">
 <!--   -->
 </a>
 <h3>Method Detail</h3>
 <a name="initialize-org.apache.geode.cache.Cache-java.util.Set-">
 <!--   -->
 </a>
 <ul class="blockList">
 <li class="blockList">
 <h4>initialize</h4>
 <pre>default&nbsp;void&nbsp;initialize(<a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache">Cache</a>&nbsp;cache,
                         <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&gt;&nbsp;parameters)</pre>
 <div class="block">Initializes the MethodInvocationAuthorizer using a <a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache"><code>Cache</code></a> and a <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util"><code>Set</code></a> of
  <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang"><code>String</code></a> parameters.
  <p>

  This method exists to allow user-specified method authorizers to be configured and used at
  runtime. If this method is not overridden in a user-specified authorizer then that authorizer
  will not be configurable.</div>
 <dl>
 <dt><span class="paramLabel">Parameters:</span></dt>
 <dd><code>cache</code> - the <a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache"><code>Cache</code></a> to which the MethodInvocationAuthorizer will belong</dd>
 <dd><code>parameters</code> - a <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util"><code>Set</code></a> of <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang"><code>String</code></a> that will be used to configure the
         MethodInvocationAuthorizer</dd>
 </dl>
 </li>
 </ul>
 <a name="authorize-java.lang.reflect.Method-java.lang.Object-">
 <!--   -->
 </a>
 <ul class="blockListLast">
 <li class="blockList">
 <h4>authorize</h4>
 <pre>boolean&nbsp;authorize(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect">Method</a>&nbsp;method,
                   <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a>&nbsp;target)</pre>
 <div class="block">Executes the authorization logic to determine whether the <code>method</code> is allowed to be
  executed on the <code>target</code> object instance.
  <p>

  <b>Implementation Note</b>: the query engine will remember whether the method invocation has
  been already authorized or not for the current query context, so this method will be called
  once in the lifetime of a query for every new method seen while traversing the objects.
  Nevertheless, the implementation should be lighting fast as it will be called by the
  OQL engine in runtime during the query execution.</div>
 <dl>
 <dt><span class="paramLabel">Parameters:</span></dt>
 <dd><code>method</code> - the <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect"><code>Method</code></a> that should be authorized.</dd>
 <dd><code>target</code> - the <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang"><code>Object</code></a> on which the <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect"><code>Method</code></a> will be executed.</dd>
 <dt><span class="returnLabel">Returns:</span></dt>
 <dd><code>true</code> if the <code>method</code> can be executed on on the <code>target</code> instance,
          <code>false</code> otherwise.</dd>
 </dl>
 </li>
 </ul>
 </li>
 </ul>
 </li>
 </ul>
 </div>
 </div>
 <!-- ========= END OF CLASS DATA ========= -->
 <!-- ======= START OF BOTTOM NAVBAR ====== -->
 <div class="bottomNav"><a name="navbar.bottom">
 <!--   -->
 </a>
 <div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
 <a name="navbar.bottom.firstrow">
 <!--   -->
 </a>
 <ul class="navList" title="Navigation">
 <li><a href="../../../../../../overview-summary.html">Overview</a></li>
 <li><a href="package-summary.html">Package</a></li>
 <li class="navBarCell1Rev">Class</li>
 <li><a href="package-tree.html">Tree</a></li>
 <li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
 <li><a href="../../../../../../index-all.html">Index</a></li>
 <li><a href="../../../../../../help-doc.html">Help</a></li>
 </ul>
 </div>
 <div class="subNav">
 <ul class="navList">
 <li><a href="../../../../../../org/apache/geode/cache/query/security/JavaBeanAccessorMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
 <li><a href="../../../../../../org/apache/geode/cache/query/security/RegExMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security"><span class="typeNameLink">Next&nbsp;Class</span></a></li>
 </ul>
 <ul class="navList">
 <li><a href="../../../../../../index.html?org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html" target="_top">Frames</a></li>
 <li><a href="MethodInvocationAuthorizer.html" target="_top">No&nbsp;Frames</a></li>
 </ul>
 <ul class="navList" id="allclasses_navbar_bottom">
 <li><a href="../../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
 </ul>
 <div>
 <script type="text/javascript"><!--
   allClassesLink = document.getElementById("allclasses_navbar_bottom");
   if(window==top) {
     allClassesLink.style.display = "block";
   }
   else {
     allClassesLink.style.display = "none";
   }
   //-->
 </script>
 </div>
 <div>
 <ul class="subNavList">
 <li>Summary:&nbsp;</li>
 <li>Nested&nbsp;|&nbsp;</li>
 <li>Field&nbsp;|&nbsp;</li>
 <li>Constr&nbsp;|&nbsp;</li>
 <li><a href="#method.summary">Method</a></li>
 </ul>
 <ul class="subNavList">
 <li>Detail:&nbsp;</li>
 <li>Field&nbsp;|&nbsp;</li>
 <li>Constr&nbsp;|&nbsp;</li>
 <li><a href="#method.detail">Method</a></li>
 </ul>
 </div>
 <a name="skip.navbar.bottom">
 <!--   -->
 </a></div>
 <!-- ======== END OF BOTTOM NAVBAR ======= -->
 </body>
 </html>
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
	<!-- NewPage -->
	<html lang="en">
	<head>
	<!-- Generated by javadoc -->
	<title>MethodInvocationAuthorizer (Apache Geode 1.15.1)</title>
	<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
	<script type="text/javascript" src="../../../../../../script.js"></script>
	</head>
	<body>
	<script type="text/javascript"><!--
	try {
	if (location.href.indexOf('is-external=true') == -1) {
	parent.document.title="MethodInvocationAuthorizer (Apache Geode 1.15.1)";
	}
	}
	catch(err) {
	}
	//-->
	var methods = {"i0":6,"i1":18};
	var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"],16:["t5","Default Methods"]};
	var altColor = "altColor";
	var rowColor = "rowColor";
	var tableTab = "tableTab";
	var activeTableTab = "activeTableTab";
	</script>
	<noscript>
	<div>JavaScript is disabled on your browser.</div>
	</noscript>
	<!-- ========= START OF TOP NAVBAR ======= -->
	<div class="topNav"><a name="navbar.top">
	<!-- -->
	</a>
	<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
	<a name="navbar.top.firstrow">
	<!-- -->
	</a>
	<ul class="navList" title="Navigation">
	<li><a href="../../../../../../overview-summary.html">Overview</a></li>
	<li><a href="package-summary.html">Package</a></li>
	<li class="navBarCell1Rev">Class</li>
	<li><a href="package-tree.html">Tree</a></li>
	<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
	<li><a href="../../../../../../index-all.html">Index</a></li>
	<li><a href="../../../../../../help-doc.html">Help</a></li>
	</ul>
	</div>
	<div class="subNav">
	<ul class="navList">
	<li><a href="../../../../../../org/apache/geode/cache/query/security/JavaBeanAccessorMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security"><span class="typeNameLink">Prev Class</span></a></li>
	<li><a href="../../../../../../org/apache/geode/cache/query/security/RegExMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security"><span class="typeNameLink">Next Class</span></a></li>
	</ul>
	<ul class="navList">
	<li><a href="../../../../../../index.html?org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html" target="_top">Frames</a></li>
	<li><a href="MethodInvocationAuthorizer.html" target="_top">No Frames</a></li>
	</ul>
	<ul class="navList" id="allclasses_navbar_top">
	<li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li>
	</ul>
	<div>
	<script type="text/javascript"><!--
	allClassesLink = document.getElementById("allclasses_navbar_top");
	if(window==top) {
	allClassesLink.style.display = "block";
	}
	else {
	allClassesLink.style.display = "none";
	}
	//-->
	</script>
	</div>
	<div>
	<ul class="subNavList">
	<li>Summary: </li>
	<li>Nested \| </li>
	<li>Field \| </li>
	<li>Constr \| </li>
	<li><a href="#method.summary">Method</a></li>
	</ul>
	<ul class="subNavList">
	<li>Detail: </li>
	<li>Field \| </li>
	<li>Constr \| </li>
	<li><a href="#method.detail">Method</a></li>
	</ul>
	</div>
	<a name="skip.navbar.top">
	<!-- -->
	</a></div>
	<!-- ========= END OF TOP NAVBAR ========= -->
	<!-- ======== START OF CLASS DATA ======== -->
	<div class="header">
	<div class="subTitle">org.apache.geode.cache.query.security</div>
	<h2 title="Interface MethodInvocationAuthorizer" class="title">Interface MethodInvocationAuthorizer</h2>
	</div>
	<div class="contentContainer">
	<div class="description">
	<ul class="blockList">
	<li class="blockList">
	<dl>
	<dt>All Known Implementing Classes:</dt>
	<dd><a href="../../../../../../org/apache/geode/examples/security/ExampleAnnotationBasedMethodInvocationAuthorizer.html" title="class in org.apache.geode.examples.security">ExampleAnnotationBasedMethodInvocationAuthorizer</a>, <a href="../../../../../../org/apache/geode/cache/query/security/JavaBeanAccessorMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security">JavaBeanAccessorMethodAuthorizer</a>, <a href="../../../../../../org/apache/geode/cache/query/security/RegExMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security">RegExMethodAuthorizer</a>, <a href="../../../../../../org/apache/geode/cache/query/security/RestrictedMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security">RestrictedMethodAuthorizer</a>, <a href="../../../../../../org/apache/geode/cache/query/security/UnrestrictedMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security">UnrestrictedMethodAuthorizer</a></dd>
	</dl>
	<hr>
	<br>
	<pre>public interface <span class="typeNameLabel">MethodInvocationAuthorizer</span></pre>
	<div class="block">The root interface that should be implemented by method invocation authorizer instances.
	The authorizer is responsible for determining whether a <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect"><code>Method</code></a> is
	allowed to be executed on a specific <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang"><code>Object</code></a> instance. Implementations of this
	interface should provide a no-arg constructor.
	<p>

	There are mainly four security risks when allowing users to execute arbitrary methods in OQL,
	which should be addressed by implementations of this interface:
	<ul>
	<li><code>Java Reflection</code>: do anything through <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#getClass--" title="class or interface in java.lang"><code>Object.getClass()</code></a> or similar.
	<li><code>Cache Modification</code>: execute <a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache"><code>Cache</code></a> operations (close, get regions, etc.).
	<li><code>Region Modification</code>: execute <a href="../../../../../../org/apache/geode/cache/Region.html" title="interface in org.apache.geode.cache"><code>Region</code></a> operations (destroy, invalidate, etc.).
	<li><code>Region Entry Modification</code>: execute in-place modifications on the region entries.
	</ul>
	<p>

	Implementations of this interface should be thread-safe: multiple threads might be authorizing
	several method invocations using the same instance at the same time.</div>
	</li>
	</ul>
	</div>
	<div class="summary">
	<ul class="blockList">
	<li class="blockList">
	<!-- ========== METHOD SUMMARY =========== -->
	<ul class="blockList">
	<li class="blockList"><a name="method.summary">
	<!-- -->
	</a>
	<h3>Method Summary</h3>
	<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
	<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd"> </span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd"> </span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd"> </span></span><span id="t5" class="tableTab"><span><a href="javascript:show(16);">Default Methods</a></span><span class="tabEnd"> </span></span></caption>
	<tr>
	<th class="colFirst" scope="col">Modifier and Type</th>
	<th class="colLast" scope="col">Method and Description</th>
	</tr>
	<tr id="i0" class="altColor">
	<td class="colFirst"><code>boolean</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html#authorize-java.lang.reflect.Method-java.lang.Object-">authorize</a></span>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect">Method</a> method,
	<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> target)</code>
	<div class="block">Executes the authorization logic to determine whether the <code>method</code> is allowed to be
	executed on the <code>target</code> object instance.</div>
	</td>
	</tr>
	<tr id="i1" class="rowColor">
	<td class="colFirst"><code>default void</code></td>
	<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html#initialize-org.apache.geode.cache.Cache-java.util.Set-">initialize</a></span>(<a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache">Cache</a> cache,
	<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</a><<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>> parameters)</code>
	<div class="block">Initializes the MethodInvocationAuthorizer using a <a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache"><code>Cache</code></a> and a <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util"><code>Set</code></a> of
	<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang"><code>String</code></a> parameters.</div>
	</td>
	</tr>
	</table>
	</li>
	</ul>
	</li>
	</ul>
	</div>
	<div class="details">
	<ul class="blockList">
	<li class="blockList">
	<!-- ============ METHOD DETAIL ========== -->
	<ul class="blockList">
	<li class="blockList"><a name="method.detail">
	<!-- -->
	</a>
	<h3>Method Detail</h3>
	<a name="initialize-org.apache.geode.cache.Cache-java.util.Set-">
	<!-- -->
	</a>
	<ul class="blockList">
	<li class="blockList">
	<h4>initialize</h4>
	<pre>default void initialize(<a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache">Cache</a> cache,
	<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</a><<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>> parameters)</pre>
	<div class="block">Initializes the MethodInvocationAuthorizer using a <a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache"><code>Cache</code></a> and a <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util"><code>Set</code></a> of
	<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang"><code>String</code></a> parameters.
	<p>

	This method exists to allow user-specified method authorizers to be configured and used at
	runtime. If this method is not overridden in a user-specified authorizer then that authorizer
	will not be configurable.</div>
	<dl>
	<dt><span class="paramLabel">Parameters:</span></dt>
	<dd><code>cache</code> - the <a href="../../../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache"><code>Cache</code></a> to which the MethodInvocationAuthorizer will belong</dd>
	<dd><code>parameters</code> - a <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util"><code>Set</code></a> of <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang"><code>String</code></a> that will be used to configure the
	MethodInvocationAuthorizer</dd>
	</dl>
	</li>
	</ul>
	<a name="authorize-java.lang.reflect.Method-java.lang.Object-">
	<!-- -->
	</a>
	<ul class="blockListLast">
	<li class="blockList">
	<h4>authorize</h4>
	<pre>boolean authorize(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect">Method</a> method,
	<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> target)</pre>
	<div class="block">Executes the authorization logic to determine whether the <code>method</code> is allowed to be
	executed on the <code>target</code> object instance.
	<p>

	<b>Implementation Note</b>: the query engine will remember whether the method invocation has
	been already authorized or not for the current query context, so this method will be called
	once in the lifetime of a query for every new method seen while traversing the objects.
	Nevertheless, the implementation should be lighting fast as it will be called by the
	OQL engine in runtime during the query execution.</div>
	<dl>
	<dt><span class="paramLabel">Parameters:</span></dt>
	<dd><code>method</code> - the <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect"><code>Method</code></a> that should be authorized.</dd>
	<dd><code>target</code> - the <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang"><code>Object</code></a> on which the <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/reflect/Method.html?is-external=true" title="class or interface in java.lang.reflect"><code>Method</code></a> will be executed.</dd>
	<dt><span class="returnLabel">Returns:</span></dt>
	<dd><code>true</code> if the <code>method</code> can be executed on on the <code>target</code> instance,
	<code>false</code> otherwise.</dd>
	</dl>
	</li>
	</ul>
	</li>
	</ul>
	</li>
	</ul>
	</div>
	</div>
	<!-- ========= END OF CLASS DATA ========= -->
	<!-- ======= START OF BOTTOM NAVBAR ====== -->
	<div class="bottomNav"><a name="navbar.bottom">
	<!-- -->
	</a>
	<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
	<a name="navbar.bottom.firstrow">
	<!-- -->
	</a>
	<ul class="navList" title="Navigation">
	<li><a href="../../../../../../overview-summary.html">Overview</a></li>
	<li><a href="package-summary.html">Package</a></li>
	<li class="navBarCell1Rev">Class</li>
	<li><a href="package-tree.html">Tree</a></li>
	<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
	<li><a href="../../../../../../index-all.html">Index</a></li>
	<li><a href="../../../../../../help-doc.html">Help</a></li>
	</ul>
	</div>
	<div class="subNav">
	<ul class="navList">
	<li><a href="../../../../../../org/apache/geode/cache/query/security/JavaBeanAccessorMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security"><span class="typeNameLink">Prev Class</span></a></li>
	<li><a href="../../../../../../org/apache/geode/cache/query/security/RegExMethodAuthorizer.html" title="class in org.apache.geode.cache.query.security"><span class="typeNameLink">Next Class</span></a></li>
	</ul>
	<ul class="navList">
	<li><a href="../../../../../../index.html?org/apache/geode/cache/query/security/MethodInvocationAuthorizer.html" target="_top">Frames</a></li>
	<li><a href="MethodInvocationAuthorizer.html" target="_top">No Frames</a></li>
	</ul>
	<ul class="navList" id="allclasses_navbar_bottom">
	<li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li>
	</ul>
	<div>
	<script type="text/javascript"><!--
	allClassesLink = document.getElementById("allclasses_navbar_bottom");
	if(window==top) {
	allClassesLink.style.display = "block";
	}
	else {
	allClassesLink.style.display = "none";
	}
	//-->
	</script>
	</div>
	<div>
	<ul class="subNavList">
	<li>Summary: </li>
	<li>Nested \| </li>
	<li>Field \| </li>
	<li>Constr \| </li>
	<li><a href="#method.summary">Method</a></li>
	</ul>
	<ul class="subNavList">
	<li>Detail: </li>
	<li>Field \| </li>
	<li>Constr \| </li>
	<li><a href="#method.detail">Method</a></li>
	</ul>
	</div>
	<a name="skip.navbar.bottom">
	<!-- -->
	</a></div>
	<!-- ======== END OF BOTTOM NAVBAR ======= -->
	</body>
	</html>