uk.ac.soton.itinnovation.grid.pbac2.pep
Class PEP
java.lang.Object
org.apache.axis.handlers.BasicHandler
org.apache.axis.providers.BasicProvider
org.apache.axis.providers.java.JavaProvider
org.apache.axis.providers.java.RPCProvider
uk.ac.soton.itinnovation.grid.pbac2.pep.PEP
- All Implemented Interfaces:
- Serializable, Handler
public class PEP
- extends RPCProvider
Enforces the access control policy for a service.
A service protected by PBAC must specify PEPProvider as its provider.
The provider uses the PEP to enforce the PBAC policy.
The PEP will intercept each incoming SOAP requests and check with the PDP that the operation should be permitted. If so, the resource is locked,
the service is invoked, and the resource is unlocked when the operation
finishes. If operation should not be permitted, a fault is returned to the
client and the service is not invoked.
- See Also:
PEPServiceResource,
Serialized Form
|
Constructor Summary |
PEP()
|
|
Method Summary |
void |
addSignedHeaderName(QName name)
|
protected RPCElement |
createResponseBody(RPCElement body,
MessageContext msgContext,
OperationDesc operation,
ServiceDesc serviceDesc,
Object objRes,
SOAPEnvelope resEnv,
ArrayList outs)
Handle document-style operations specially. |
void |
generateWSDL(MessageContext msgContext)
|
protected RPCElement |
getBody(SOAPEnvelope reqEnv,
MessageContext msgContext)
Set style to DOCUMENT, if the method's WebMethod annotation requires it. |
void |
invoke(MessageContext msgContext)
Invoke a service operation if the policy allows it. |
protected Object |
invokeMethod(MessageContext msgContext,
Method method,
Object obj,
Object[] argValues)
|
protected Object |
makeNewServiceObject(MessageContext msgContext,
String clsName)
Get the service implementation instance. |
| Methods inherited from class org.apache.axis.handlers.BasicHandler |
canHandleBlock, cleanup, getDeploymentData, getName, getOption, getOptions, getUnderstoodHeaders, init, initHashtable, onFault, setName, setOption, setOptionDefault, setOptions, setOptionsLockable |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
PEP
public PEP()
addSignedHeaderName
public void addSignedHeaderName(QName name)
invoke
public void invoke(MessageContext msgContext)
throws AxisFault
- Invoke a service operation if the policy allows it.
This method obtains the authenticated subject context
and the primary context from the Axis message context.
The authenticated subject context, primary context and
the operation name is then passed to the PDP to verify
if the user is authorised to perform the requested
operation in the current context.
- Specified by:
invoke in interface Handler- Overrides:
invoke in class JavaProvider
- Parameters:
msgContext - Axis message context
- Throws:
AxisFault
invokeMethod
protected Object invokeMethod(MessageContext msgContext,
Method method,
Object obj,
Object[] argValues)
throws Exception
- Overrides:
invokeMethod in class RPCProvider
- Throws:
Exception
makeNewServiceObject
protected Object makeNewServiceObject(MessageContext msgContext,
String clsName)
throws Exception
- Get the service implementation instance.
Axis uses this method to get instances of the service objects. We override this to use
our
ImplementationFactory, so that we don't end up with two objects (the singleton created
by axis, and the singleton created by ImplementationFactory).
- Overrides:
makeNewServiceObject in class JavaProvider
- Parameters:
clsName - the interface of the service (from the server-config.wsdd file)
- Throws:
Exception
getBody
protected RPCElement getBody(SOAPEnvelope reqEnv,
MessageContext msgContext)
throws Exception
- Set style to DOCUMENT, if the method's WebMethod annotation requires it.
Note: overriding getOperationDesc() doesn't work, because getBody doesn't use it.
- Overrides:
getBody in class RPCProvider
- Throws:
Exception
createResponseBody
protected RPCElement createResponseBody(RPCElement body,
MessageContext msgContext,
OperationDesc operation,
ServiceDesc serviceDesc,
Object objRes,
SOAPEnvelope resEnv,
ArrayList outs)
throws Exception
- Handle document-style operations specially.
- Overrides:
createResponseBody in class RPCProvider
- Throws:
Exception
generateWSDL
public void generateWSDL(MessageContext msgContext)
throws AxisFault
- Specified by:
generateWSDL in interface Handler- Overrides:
generateWSDL in class BasicProvider
- Throws:
AxisFault
Copyright © 2001-2007 University of Southampton IT Innovation Centre. All Rights Reserved.