com.ibm.sec.authz.jaccplus

Interface EvaluationContext

All known implementing classes:
ApplicationEvaluationContext, ContainerEvaluationContext

  1. public interface EvaluationContext

This is the interface to an evaluation context from which the authorization engine can retrieve various context objects specific to each access request. It is designed to function in a similar way to the javax.security.jacc.PolicyContext defined by the JACC specification.

Each piece of context information is identified by a unique string. Instances of the IEvaluationContextHandler interface are registered to provide this information.

The following context keys are defined:

The Map<String, Object> returned from getHandlerData() is a thread- local map that passes information between the application code and the authorization engine.

Once created re-use the instance of EvaluationContext for the life of the application and across threads.

See Also:
IEvaluationContextHandler, ApplicationAttributes, IObligationManager

Method Summary

Modifier and Type Method and Description
  1. java.lang.Object
getContext(java.lang.String key)
Given a key, returns the corresponding context object.
  1. java.util.Map<java.lang.String,java.lang.Object>
getHandlerData()
Gets the thread-scoped handler data object.
  1. java.util.Set<java.lang.String>
getKeys()
Returns the set of keys that this evaluation context can handle.
  1. void
registerHandler(java.lang.String key,IEvaluationContextHandler handler,boolean replace)
This method registers a PolicyContextHandler implementation for a particular key.

Method Detail

getContext

  1. java.lang.Object getContext(java.lang.String key)
  2. throws PolicyContextException
Given a key, returns the corresponding context object.
Parameters:
key - the key.
Returns:
the attribute.
Throws:
java.lang.IllegalArgumentException - - if a handler has not been registered for the key or the registered handler no longer supports the key
PolicyContextException

getKeys

  1. java.util.Set<java.lang.String> getKeys( )
Returns the set of keys that this evaluation context can handle.
Returns:
the set of keys.

getHandlerData

  1. java.util.Map<java.lang.String,java.lang.Object> getHandlerData( )
Gets the thread-scoped handler data object.
Returns:
The thread-local handler data map.

registerHandler

  1. void registerHandler(java.lang.String key,
  2. IEvaluationContextHandler handler,
  3. boolean replace)
  4. throws PolicyContextException
This method registers a PolicyContextHandler implementation for a particular key. A single handler implementation can be registered to handle multiple keys.
Parameters:
key - the key.
handler - the policy context handler implementation.
replace - this boolean value defines the behaviour of this method if, when it is called, a policy context handler implementation has already been registered to handle the same key. In that case and if the value of this argument is true, the existing handler is replaced with the argument handler. If the value of this parameter is false, the existing registration is preserved and an exception is thrown.
Throws:
PolicyContextException - if an error occurs.