001/* AuthorizeCallback.java -- 002 Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. 003 004This file is part of GNU Classpath. 005 006GNU Classpath is free software; you can redistribute it and/or modify 007it under the terms of the GNU General Public License as published by 008the Free Software Foundation; either version 2, or (at your option) 009any later version. 010 011GNU Classpath is distributed in the hope that it will be useful, but 012WITHOUT ANY WARRANTY; without even the implied warranty of 013MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 014General Public License for more details. 015 016You should have received a copy of the GNU General Public License 017along with GNU Classpath; see the file COPYING. If not, write to the 018Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 01902110-1301 USA. 020 021Linking this library statically or dynamically with other modules is 022making a combined work based on this library. Thus, the terms and 023conditions of the GNU General Public License cover the whole 024combination. 025 026As a special exception, the copyright holders of this library give you 027permission to link this library with independent modules to produce an 028executable, regardless of the license terms of these independent 029modules, and to copy and distribute the resulting executable under 030terms of your choice, provided that you also meet, for each linked 031independent module, the terms and conditions of the license of that 032module. An independent module is a module which is not derived from 033or based on this library. If you modify this library, you may extend 034this exception to your version of the library, but you are not 035obligated to do so. If you do not wish to do so, delete this 036exception statement from your version. */ 037 038 039package javax.security.sasl; 040 041import java.io.Serializable; 042import javax.security.auth.callback.Callback; 043 044/** 045 * This callback is used by {@link SaslServer} to determine whether one entity 046 * (identified by an authenticated authentication ID) can act on behalf of 047 * another entity (identified by an authorization ID). 048 * 049 * @since 1.5 050 */ 051public class AuthorizeCallback implements Callback, Serializable 052{ 053 // Constants and variables 054 // ------------------------------------------------------------------------- 055 056 private static final long serialVersionUID = -2353344186490470805L; 057 058 /** @serial The (authenticated) authentication id to check. */ 059 private String authenticationID = null; 060 061 /** @serial The authorization id to check. */ 062 private String authorizationID = null; 063 064 /** 065 * @serial The id of the authorized entity. If null, the id of the authorized 066 * entity is authorizationID. 067 */ 068 private String authorizedID = null; 069 070 /** 071 * @serial A flag indicating whether the authentication id is allowed to act 072 * on behalf of the authorization id. 073 */ 074 private boolean authorized = false; 075 076 // Constructor(s) 077 // ------------------------------------------------------------------------- 078 079 /** 080 * Constructs an instance of <code>AuthorizeCallback</code>. 081 * 082 * @param authnID the (authenticated) authentication ID. 083 * @param authzID the authorization ID. 084 */ 085 public AuthorizeCallback(String authnID, String authzID) 086 { 087 super(); 088 089 this.authenticationID = authnID; 090 this.authorizationID = authzID; 091 } 092 093 // Class methods 094 // ------------------------------------------------------------------------- 095 096 // Instance methods 097 // ------------------------------------------------------------------------- 098 099 /** 100 * Returns the authentication ID to check. 101 * 102 * @return the authentication ID to check 103 */ 104 public String getAuthenticationID() 105 { 106 return authenticationID; 107 } 108 109 /** 110 * Returns the authorization ID to check. 111 * 112 * @return the authorization ID to check. 113 */ 114 public String getAuthorizationID() 115 { 116 return authorizationID; 117 } 118 119 /** 120 * Determines if the identity represented by authentication ID is allowed to 121 * act on behalf of the authorization ID. 122 * 123 * @return <code>true</code> if authorization is allowed; <code>false</code> 124 * otherwise. 125 * @see #setAuthorized(boolean) 126 * @see #getAuthorizedID() 127 */ 128 public boolean isAuthorized() 129 { 130 return authorized; 131 } 132 133 /** 134 * Sets if authorization is allowed or not. 135 * 136 * @param authorized <code>true</code> if authorization is allowed; 137 * <code>false</code> otherwise. 138 * @see #isAuthorized() 139 * @see #setAuthorizedID(String) 140 */ 141 public void setAuthorized(boolean authorized) 142 { 143 this.authorized = authorized; 144 } 145 146 /** 147 * Returns the ID of the authorized user. 148 * 149 * @return the ID of the authorized user. <code>null</code> means the 150 * authorization failed. 151 * @see #setAuthorized(boolean) 152 * @see #setAuthorizedID(String) 153 */ 154 public String getAuthorizedID() 155 { 156 if (!authorized) 157 { 158 return null; 159 } 160 return (authorizedID != null ? authorizedID : authorizationID); 161 } 162 163 /** 164 * Sets the ID of the authorized entity. Called by handler only when the ID 165 * is different from {@link #getAuthorizationID()}. For example, the ID might 166 * need to be canonicalized for the environment in which it will be used. 167 * 168 * @see #setAuthorized(boolean) 169 * @see #getAuthorizedID() 170 */ 171 public void setAuthorizedID(String id) 172 { 173 this.authorizedID = id; 174 } 175}