Knopflerfish OSGi 5.2.0

org.knopflerfish.service.um.useradmin
Interface ContextualAuthorization

All Superinterfaces:
Authorization

public interface ContextualAuthorization
extends Authorization

This subclass to Authorization adds authentication context to the authorization information. The authentication context is information about how the user was authenticated. When checking the set of roles that the user is authorized as (Authorization getRoles or hasRole), evaluation of Conditions can compare the value of context parameters with the corresponding values in their filter expressions.


Field Summary
static java.lang.String CONTEXT_AUTH_DATE
          Context parameter for authentication date, the parameter string is "auth_date".
static java.lang.String CONTEXT_AUTH_DAY
          Context parameter for authentication day of week, the parameter string is "auth_day".
static java.lang.String CONTEXT_AUTH_LEVEL
          Context parameter for authentication level, the parameter string is "auth_lvl".
static java.lang.String CONTEXT_AUTH_TIME
          Context parameter for authentication time, the parameter string is "auth_time".
static java.lang.String CONTEXT_CONF_LEVEL
          Context parameter for confidentiality level, the parameter string is "conf_lvl".
static java.lang.String CONTEXT_DATE
          Context parameter for current date, the parameter string is "date".
static java.lang.String CONTEXT_DAY
          Context parameter for current day of week, the parameter string is "day".
static java.lang.String CONTEXT_INTEGR_LEVEL
          Context parameter for integrity level, the parameter string is "integr_lvl".
static java.lang.String CONTEXT_TIME
          Context parameter for current time, the parameter string is "time".
 
Method Summary
 java.util.Dictionary getContext()
          Returns the authentication context for this authorization object.
 void setIPAMContext(java.lang.String authMethod, java.lang.String inputPath)
          Set context parameter using IPAM.
 
Methods inherited from interface org.osgi.service.useradmin.Authorization
getName, getRoles, hasRole
 

Field Detail

CONTEXT_AUTH_DATE

static final java.lang.String CONTEXT_AUTH_DATE
Context parameter for authentication date, the parameter string is "auth_date". A value should be on the format yyyy-MM-dd. This format makes it possible for example to create a filter expression that evaluates to true when the authentication date is between a start and end date. For example: (&(auth_date>=2001-06-01)(auth_date<=2001-07-01))

See Also:
Constant Field Values

CONTEXT_AUTH_TIME

static final java.lang.String CONTEXT_AUTH_TIME
Context parameter for authentication time, the parameter string is "auth_time". A value should be on the format HH:mm:ss, that is 24-hour with minutes and seconds.

See Also:
Constant Field Values

CONTEXT_AUTH_DAY

static final java.lang.String CONTEXT_AUTH_DAY
Context parameter for authentication day of week, the parameter string is "auth_day". A value should be one of the days of the week, in the environment's current locale.

See Also:
Constant Field Values

CONTEXT_DATE

static final java.lang.String CONTEXT_DATE
Context parameter for current date, the parameter string is "date". A value should be on the format yyyy-MM-dd.

See Also:
Constant Field Values

CONTEXT_TIME

static final java.lang.String CONTEXT_TIME
Context parameter for current time, the parameter string is "time". A value should be on the format HH:mm:ss, that is 24-hour with minutes and seconds.

See Also:
Constant Field Values

CONTEXT_DAY

static final java.lang.String CONTEXT_DAY
Context parameter for current day of week, the parameter string is "day". A value should be one of the days of the week, in the environment's current locale.

See Also:
Constant Field Values

CONTEXT_AUTH_LEVEL

static final java.lang.String CONTEXT_AUTH_LEVEL
Context parameter for authentication level, the parameter string is "auth_lvl". Authentication level is a quality measurement of the authentication method that was used. For example, authentication with a PIN code should probably have a lower auth_lvl than authentication with a finger print. The value is an integer between 0 (lowest) and 3 (highest). For example: (auth_lvl>=2).

See Also:
Constant Field Values

CONTEXT_CONF_LEVEL

static final java.lang.String CONTEXT_CONF_LEVEL
Context parameter for confidentiality level, the parameter string is "conf_lvl". Confidentiality level is a quality measurement of the input path when the user was authenticated. How difficult is it for some other party to eavesdrop? For example, a session using HTTPS should have a higher conf_lvl than an ordinary http session. The value is an integer between 0 (lowest) and 3 (highest).

See Also:
Constant Field Values

CONTEXT_INTEGR_LEVEL

static final java.lang.String CONTEXT_INTEGR_LEVEL
Context parameter for integrity level, the parameter string is "integr_lvl". Integrity level is a quality measurement of the input path when the user was authenticated. Can data be trusted not to be falsified? For example, a connection from a terminal in the local home network should perhaps result in a higher integr_lvl than a connection from a public terminal on the internet. The value is an integer between 0 (lowest) and 3 (highest).

See Also:
Constant Field Values
Method Detail

getContext

java.util.Dictionary getContext()
Returns the authentication context for this authorization object. The returned Dictionary can be modified to update the context.

Returns:
the context

setIPAMContext

void setIPAMContext(java.lang.String authMethod,
                    java.lang.String inputPath)
Set context parameter using IPAM. The supplied authentication method and input path strings are translated to a set of context parameters.

Parameters:
authMethod - authentication method
inputPath - input path
See Also:
IPAMValuationService

Knopflerfish OSGi 5.2.0