public class BasicSecurityManager extends Object implements SecurityManager
Constructor and Description |
---|
BasicSecurityManager(RepositorySettings repositorySettings,
String privateKeyFile,
MessageAuthenticator authenticator,
MessageSigner signer,
OperationAuthorizor authorizer,
PermissionStore permissionStore,
String componentID)
Constructor for the SecurityManager.
|
Modifier and Type | Method and Description |
---|---|
void |
authenticateMessage(String message,
String signature)
Method to authenticate a message.
|
void |
authorizeCertificateUse(String certificateUser,
String messageData,
String signature)
Method to authorize the use of a certificate
|
void |
authorizeOperation(String operationType,
String messageData,
String signature)
Method to authorize an operation
|
String |
signMessage(String message)
Method to sign a message
|
public BasicSecurityManager(RepositorySettings repositorySettings, String privateKeyFile, MessageAuthenticator authenticator, MessageSigner signer, OperationAuthorizor authorizer, PermissionStore permissionStore, String componentID)
repositorySettings
- the collection settings to retrieve settings fromprivateKeyFile
- path to the file containing the components private key and certificate, may be null if not using
certificates and encryption.authenticator
- MessageAuthenticator for authenticating messagessigner
- MessageSigner for signing messages.authorizer
- OperationAuthorizer to authorize operationspermissionStore
- the PermissionStore to hold certificates and adjoining permissionspublic void authenticateMessage(String message, String signature) throws MessageAuthenticationException
authenticateMessage
in interface SecurityManager
message
- the message that needs to be authenticated.signature
- the signature belonging to the message.MessageAuthenticationException
- in case of failure.public String signMessage(String message) throws MessageSigningException
signMessage
in interface SecurityManager
message
- the message to signMessageSigningException
- if signing of the message fails.public void authorizeCertificateUse(String certificateUser, String messageData, String signature) throws CertificateUseException
authorizeCertificateUse
in interface SecurityManager
certificateUser
- the user who signed the messagemessageData
- the data of the message request.signature
- the signature belonging to the message request.CertificateUseException
- in case the certificate use could not be authorized.public void authorizeOperation(String operationType, String messageData, String signature) throws OperationAuthorizationException
authorizeOperation
in interface SecurityManager
operationType
- the type of operation that is to be authorized.messageData
- the data of the message request.signature
- the signature belonging to the message request.OperationAuthorizationException
- in case of failure.Copyright © 2010-2013 The State and University Library, The Royal Library and The State Archives, Denmark. All Rights Reserved.