javax.security.sasl

Class AuthorizeCallback

public class AuthorizeCallback extends Object implements Callback, Serializable

This callback is used by {@link SaslServer} to determine whether one entity (identified by an authenticated authentication ID) can act on behalf of another entity (identified by an authorization ID).

Since: 1.5

Constructor Summary
	AuthorizeCallback(String authnID, String authzID) Constructs an instance of `AuthorizeCallback`.

Method Summary
String	getAuthenticationID() Returns the authentication ID to check.
String	getAuthorizationID() Returns the authorization ID to check.
String	getAuthorizedID() Returns the ID of the authorized user.
boolean	isAuthorized() Determines if the identity represented by authentication ID is allowed to act on behalf of the authorization ID.
void	setAuthorized(boolean authorized) Sets if authorization is allowed or not.
void	setAuthorizedID(String id) Sets the ID of the authorized entity.

Constructor Detail

AuthorizeCallback

public AuthorizeCallback(String authnID, String authzID)

Constructs an instance of AuthorizeCallback.

Parameters: authnID the (authenticated) authentication ID. authzID the authorization ID.

Method Detail

getAuthenticationID

public String getAuthenticationID()

Returns the authentication ID to check.

Returns: the authentication ID to check

getAuthorizationID

public String getAuthorizationID()

Returns the authorization ID to check.

Returns: the authorization ID to check.

getAuthorizedID

public String getAuthorizedID()

Returns the ID of the authorized user.

Returns: the ID of the authorized user. null means the authorization failed.

isAuthorized

public boolean isAuthorized()

Determines if the identity represented by authentication ID is allowed to act on behalf of the authorization ID.

Returns: true if authorization is allowed; false otherwise.

setAuthorized

public void setAuthorized(boolean authorized)

Sets if authorization is allowed or not.

Parameters: authorized true if authorization is allowed; false otherwise.

Sets the ID of the authorized entity. Called by handler only when the ID is different from {@link #getAuthorizationID()}. For example, the ID might need to be canonicalized for the environment in which it will be used.