javax.security.sasl

Class AuthorizeCallback

public class AuthorizeCallback extends Object implements Callback, Serializable

This callback is used by {@link SaslServer} to determine whether one entity (identified by an authenticated authentication ID) can act on behalf of another entity (identified by an authorization ID).

Since: 1.5

Constructor Summary
AuthorizeCallback(String authnID, String authzID)
Constructs an instance of AuthorizeCallback.
Method Summary
StringgetAuthenticationID()
Returns the authentication ID to check.
StringgetAuthorizationID()
Returns the authorization ID to check.
StringgetAuthorizedID()
Returns the ID of the authorized user.
booleanisAuthorized()
Determines if the identity represented by authentication ID is allowed to act on behalf of the authorization ID.
voidsetAuthorized(boolean authorized)
Sets if authorization is allowed or not.
voidsetAuthorizedID(String id)
Sets the ID of the authorized entity.

Constructor Detail

AuthorizeCallback

public AuthorizeCallback(String authnID, String authzID)
Constructs an instance of AuthorizeCallback.

Parameters: authnID the (authenticated) authentication ID. authzID the authorization ID.

Method Detail

getAuthenticationID

public String getAuthenticationID()
Returns the authentication ID to check.

Returns: the authentication ID to check

getAuthorizationID

public String getAuthorizationID()
Returns the authorization ID to check.

Returns: the authorization ID to check.

getAuthorizedID

public String getAuthorizedID()
Returns the ID of the authorized user.

Returns: the ID of the authorized user. null means the authorization failed.

See Also: AuthorizeCallback setAuthorizedID

isAuthorized

public boolean isAuthorized()
Determines if the identity represented by authentication ID is allowed to act on behalf of the authorization ID.

Returns: true if authorization is allowed; false otherwise.

See Also: AuthorizeCallback getAuthorizedID

setAuthorized

public void setAuthorized(boolean authorized)
Sets if authorization is allowed or not.

Parameters: authorized true if authorization is allowed; false otherwise.

See Also: isAuthorized setAuthorizedID

setAuthorizedID

public void setAuthorizedID(String id)
Sets the ID of the authorized entity. Called by handler only when the ID is different from {@link #getAuthorizationID()}. For example, the ID might need to be canonicalized for the environment in which it will be used.

See Also: AuthorizeCallback getAuthorizedID