Package org.jets3t.servlets.gatekeeper
Class Authorizer
java.lang.Object
org.jets3t.servlets.gatekeeper.Authorizer
- Direct Known Subclasses:
DefaultAuthorizer
Authorizes or refuses operations on an S3 account - the decision can be based on information
in the request message, details about the client, or the signature request itself.
An example Authorizer implementation might check that a user has alread been authorized and their Principal details are available from the client information, or it might check that the correct password has been provided in an application property in the request message.
- Author:
- James Murty
-
Constructor Summary
ConstructorsConstructorDescriptionAuthorizer
(javax.servlet.ServletConfig servletConfig) Constructs an Authorizer. -
Method Summary
Modifier and TypeMethodDescriptionabstract boolean
allowBucketListingRequest
(GatekeeperMessage requestMessage, ClientInformation clientInformation) Authorizes a bucket listing operation for a client as represented by a the gatekeeper request message.abstract boolean
allowSignatureRequest
(GatekeeperMessage requestMessage, ClientInformation clientInformation, SignatureRequest signatureRequest) Authorizes an operation represented by a signature request by returning true, or disallows the operation by returned false (and optionally setting a decline reason in the signature request).
-
Constructor Details
-
Authorizer
public Authorizer(javax.servlet.ServletConfig servletConfig) throws javax.servlet.ServletException Constructs an Authorizer.- Parameters:
servletConfig
-- Throws:
javax.servlet.ServletException
-
-
Method Details
-
allowSignatureRequest
public abstract boolean allowSignatureRequest(GatekeeperMessage requestMessage, ClientInformation clientInformation, SignatureRequest signatureRequest) Authorizes an operation represented by a signature request by returning true, or disallows the operation by returned false (and optionally setting a decline reason in the signature request).Authorization decisions can be made based on any of the inputs provided to this method.
- Parameters:
requestMessage
- the Gatekeeper request message.clientInformation
- information about the client end-point this request was received from.signatureRequest
- a signature request to allow or disallow.- Returns:
- true if the request is allowed, false otherwise.
-
allowBucketListingRequest
public abstract boolean allowBucketListingRequest(GatekeeperMessage requestMessage, ClientInformation clientInformation) Authorizes a bucket listing operation for a client as represented by a the gatekeeper request message.Authorization decisions can be made based on any of the inputs provided to this method.
- Parameters:
requestMessage
- the Gatekeeper request message.clientInformation
- information about the client end-point this request was received from.- Returns:
- true if the request is allowed, false otherwise.
-