| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!-- NewPage --> |
| <html lang="en"> |
| <head> |
| <!-- Generated by javadoc --> |
| <title>AccessControl (Apache Geode 1.15.1)</title> |
| <link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style"> |
| <script type="text/javascript" src="../../../../script.js"></script> |
| </head> |
| <body> |
| <script type="text/javascript"><!-- |
| try { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="AccessControl (Apache Geode 1.15.1)"; |
| } |
| } |
| catch(err) { |
| } |
| //--> |
| var methods = {"i0":38,"i1":50,"i2":50,"i3":38}; |
| var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"],16:["t5","Default Methods"],32:["t6","Deprecated Methods"]}; |
| var altColor = "altColor"; |
| var rowColor = "rowColor"; |
| var tableTab = "tableTab"; |
| var activeTableTab = "activeTableTab"; |
| </script> |
| <noscript> |
| <div>JavaScript is disabled on your browser.</div> |
| </noscript> |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <div class="topNav"><a name="navbar.top"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.top.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li>Prev Class</li> |
| <li><a href="../../../../org/apache/geode/security/AuthenticationExpiredException.html" title="class in org.apache.geode.security"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../index.html?org/apache/geode/security/AccessControl.html" target="_top">Frames</a></li> |
| <li><a href="AccessControl.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_top"> |
| <li><a href="../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_top"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li>Field | </li> |
| <li>Constr | </li> |
| <li><a href="#method.summary">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li>Constr | </li> |
| <li><a href="#method.detail">Method</a></li> |
| </ul> |
| </div> |
| <a name="skip.navbar.top"> |
| <!-- --> |
| </a></div> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <div class="header"> |
| <div class="subTitle">org.apache.geode.security</div> |
| <h2 title="Interface AccessControl" class="title">Interface AccessControl</h2> |
| </div> |
| <div class="contentContainer"> |
| <div class="description"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <dl> |
| <dt>All Superinterfaces:</dt> |
| <dd><a href="../../../../org/apache/geode/cache/CacheCallback.html" title="interface in org.apache.geode.cache">CacheCallback</a>, <a href="../../../../org/apache/geode/cache/Declarable.html" title="interface in org.apache.geode.cache">Declarable</a></dd> |
| </dl> |
| <hr> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> |
| <div class="block"><span class="deprecationComment">since Geode 1.0, use <a href="../../../../org/apache/geode/security/SecurityManager.html" title="interface in org.apache.geode.security"><code>SecurityManager</code></a> instead</span></div> |
| </div> |
| <br> |
| <pre><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Deprecated.html?is-external=true" title="class or interface in java.lang">@Deprecated</a> |
| public interface <span class="typeNameLabel">AccessControl</span> |
| extends <a href="../../../../org/apache/geode/cache/CacheCallback.html" title="interface in org.apache.geode.cache">CacheCallback</a></pre> |
| <div class="block">Specifies the interface to authorize operations at the cache or region level for clients or |
| servers. Implementations should register name of the static creation function as the |
| <code>security-client-accessor</code> system property with all the servers uniformly in the |
| distributed system for client authorization. When the <code>security-client-accessor-pp</code> |
| property is set then the callback mentioned is invoked after the operation completes successfully |
| and when sending notifications. |
| |
| When the registration has been done for a client/peer then an object of this class is created for |
| each connection from the client/peer and the <code>authorizeOperation</code> method invoked |
| before/after each operation.</div> |
| <dl> |
| <dt><span class="simpleTagLabel">Since:</span></dt> |
| <dd>GemFire 5.5</dd> |
| </dl> |
| </li> |
| </ul> |
| </div> |
| <div class="summary"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ========== METHOD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.summary"> |
| <!-- --> |
| </a> |
| <h3>Method Summary</h3> |
| <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation"> |
| <caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd"> </span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd"> </span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd"> </span></span><span id="t5" class="tableTab"><span><a href="javascript:show(16);">Default Methods</a></span><span class="tabEnd"> </span></span><span id="t6" class="tableTab"><span><a href="javascript:show(32);">Deprecated Methods</a></span><span class="tabEnd"> </span></span></caption> |
| <tr> |
| <th class="colFirst" scope="col">Modifier and Type</th> |
| <th class="colLast" scope="col">Method and Description</th> |
| </tr> |
| <tr id="i0" class="altColor"> |
| <td class="colFirst"><code>boolean</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../org/apache/geode/security/AccessControl.html#authorizeOperation-java.lang.String-org.apache.geode.cache.operations.OperationContext-">authorizeOperation</a></span>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> regionName, |
| <a href="../../../../org/apache/geode/cache/operations/OperationContext.html" title="class in org.apache.geode.cache.operations">OperationContext</a> context)</code> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> </div> |
| <div class="block">Check if the given operation is allowed for the cache/region.</div> |
| </td> |
| </tr> |
| <tr id="i1" class="rowColor"> |
| <td class="colFirst"><code>default void</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../org/apache/geode/security/AccessControl.html#init-java.security.Principal-">init</a></span>(<a href="https://docs.oracle.com/javase/8/docs/api/java/security/Principal.html?is-external=true" title="class or interface in java.security">Principal</a> principal)</code> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> </div> |
| </td> |
| </tr> |
| <tr id="i2" class="altColor"> |
| <td class="colFirst"><code>default void</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../org/apache/geode/security/AccessControl.html#init-java.security.Principal-org.apache.geode.distributed.DistributedMember-">init</a></span>(<a href="https://docs.oracle.com/javase/8/docs/api/java/security/Principal.html?is-external=true" title="class or interface in java.security">Principal</a> principal, |
| <a href="../../../../org/apache/geode/distributed/DistributedMember.html" title="interface in org.apache.geode.distributed">DistributedMember</a> remoteMember)</code> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> </div> |
| </td> |
| </tr> |
| <tr id="i3" class="rowColor"> |
| <td class="colFirst"><code>void</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../org/apache/geode/security/AccessControl.html#init-java.security.Principal-org.apache.geode.distributed.DistributedMember-org.apache.geode.cache.Cache-">init</a></span>(<a href="https://docs.oracle.com/javase/8/docs/api/java/security/Principal.html?is-external=true" title="class or interface in java.security">Principal</a> principal, |
| <a href="../../../../org/apache/geode/distributed/DistributedMember.html" title="interface in org.apache.geode.distributed">DistributedMember</a> remoteMember, |
| <a href="../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache">Cache</a> cache)</code> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> </div> |
| <div class="block">Initialize the callback for a client/peer having the given principal.</div> |
| </td> |
| </tr> |
| </table> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.geode.cache.CacheCallback"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from interface org.apache.geode.cache.<a href="../../../../org/apache/geode/cache/CacheCallback.html" title="interface in org.apache.geode.cache">CacheCallback</a></h3> |
| <code><a href="../../../../org/apache/geode/cache/CacheCallback.html#close--">close</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.geode.cache.Declarable"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from interface org.apache.geode.cache.<a href="../../../../org/apache/geode/cache/Declarable.html" title="interface in org.apache.geode.cache">Declarable</a></h3> |
| <code><a href="../../../../org/apache/geode/cache/Declarable.html#init-java.util.Properties-">init</a>, <a href="../../../../org/apache/geode/cache/Declarable.html#initialize-org.apache.geode.cache.Cache-java.util.Properties-">initialize</a></code></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| <div class="details"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ============ METHOD DETAIL ========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.detail"> |
| <!-- --> |
| </a> |
| <h3>Method Detail</h3> |
| <a name="init-java.security.Principal-org.apache.geode.distributed.DistributedMember-org.apache.geode.cache.Cache-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>init</h4> |
| <pre>void init(<a href="https://docs.oracle.com/javase/8/docs/api/java/security/Principal.html?is-external=true" title="class or interface in java.security">Principal</a> principal, |
| <a href="../../../../org/apache/geode/distributed/DistributedMember.html" title="interface in org.apache.geode.distributed">DistributedMember</a> remoteMember, |
| <a href="../../../../org/apache/geode/cache/Cache.html" title="interface in org.apache.geode.cache">Cache</a> cache) |
| throws <a href="../../../../org/apache/geode/security/NotAuthorizedException.html" title="class in org.apache.geode.security">NotAuthorizedException</a></pre> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> </div> |
| <div class="block">Initialize the callback for a client/peer having the given principal. |
| |
| This is invoked when a new connection from a client/peer is created with the host. The callback |
| is expected to store authentication information of the given principal for the different |
| regions for maximum efficiency when invoking <code>authorizeOperation</code> in each operation.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>principal</code> - the principal associated with the authenticated client or peer; a null |
| principal implies an unauthenticated client which should be handled properly by |
| implementations</dd> |
| <dd><code>remoteMember</code> - the <a href="../../../../org/apache/geode/distributed/DistributedMember.html" title="interface in org.apache.geode.distributed"><code>DistributedMember</code></a> object for the remote authenticated client or |
| peer</dd> |
| <dd><code>cache</code> - reference to the cache object</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="../../../../org/apache/geode/security/NotAuthorizedException.html" title="class in org.apache.geode.security">NotAuthorizedException</a></code> - if some exception condition happens during the initialization; |
| in such a case all subsequent client operations on that connection will throw |
| <code>NotAuthorizedException</code></dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="init-java.security.Principal-org.apache.geode.distributed.DistributedMember-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>init</h4> |
| <pre>default void init(<a href="https://docs.oracle.com/javase/8/docs/api/java/security/Principal.html?is-external=true" title="class or interface in java.security">Principal</a> principal, |
| <a href="../../../../org/apache/geode/distributed/DistributedMember.html" title="interface in org.apache.geode.distributed">DistributedMember</a> remoteMember) |
| throws <a href="../../../../org/apache/geode/security/NotAuthorizedException.html" title="class in org.apache.geode.security">NotAuthorizedException</a></pre> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> </div> |
| <dl> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="../../../../org/apache/geode/security/NotAuthorizedException.html" title="class in org.apache.geode.security">NotAuthorizedException</a></code></dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="init-java.security.Principal-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>init</h4> |
| <pre>default void init(<a href="https://docs.oracle.com/javase/8/docs/api/java/security/Principal.html?is-external=true" title="class or interface in java.security">Principal</a> principal) |
| throws <a href="../../../../org/apache/geode/security/NotAuthorizedException.html" title="class in org.apache.geode.security">NotAuthorizedException</a></pre> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> </div> |
| <dl> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="../../../../org/apache/geode/security/NotAuthorizedException.html" title="class in org.apache.geode.security">NotAuthorizedException</a></code></dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="authorizeOperation-java.lang.String-org.apache.geode.cache.operations.OperationContext-"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>authorizeOperation</h4> |
| <pre>boolean authorizeOperation(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> regionName, |
| <a href="../../../../org/apache/geode/cache/operations/OperationContext.html" title="class in org.apache.geode.cache.operations">OperationContext</a> context)</pre> |
| <div class="block"><span class="deprecatedLabel">Deprecated.</span> </div> |
| <div class="block">Check if the given operation is allowed for the cache/region. |
| |
| This method is invoked in each cache and region level operation. It is, therefore, expected |
| that as far as possible relevant information has been cached in the <code>init</code> call made |
| when the connection was established so that this call is as quick as possible.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>regionName</code> - When null then it indicates a cache-level operation (i.e. one of |
| <a href="../../../../org/apache/geode/cache/operations/OperationContext.OperationCode.html#REGION_DESTROY"><code>OperationContext.OperationCode.REGION_DESTROY</code></a> |
| or <a href="../../../../org/apache/geode/cache/operations/OperationContext.OperationCode.html#QUERY"><code>OperationContext.OperationCode.QUERY</code></a>, else |
| the name of the region for the operation.</dd> |
| <dd><code>context</code> - When invoked before the operation then the data required by the operation. When |
| invoked as a post-process filter then it contains the result of the operation. The data |
| in the context can be possibly modified by the method.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>true if the operation is authorized and false otherwise</dd> |
| </dl> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <div class="bottomNav"><a name="navbar.bottom"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.bottom.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li>Prev Class</li> |
| <li><a href="../../../../org/apache/geode/security/AuthenticationExpiredException.html" title="class in org.apache.geode.security"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../index.html?org/apache/geode/security/AccessControl.html" target="_top">Frames</a></li> |
| <li><a href="AccessControl.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_bottom"> |
| <li><a href="../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_bottom"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li>Field | </li> |
| <li>Constr | </li> |
| <li><a href="#method.summary">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li>Constr | </li> |
| <li><a href="#method.detail">Method</a></li> |
| </ul> |
| </div> |
| <a name="skip.navbar.bottom"> |
| <!-- --> |
| </a></div> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| </body> |
| </html> |