public interface SecurityCheck
extends java.io.Externalizable
Modifier and Type | Method and Description |
---|---|
void |
authorize(java.util.Set scope,
java.util.Map credentials,
HttpServletRequest request,
AuthorizationResponse response)
Request the given scope from this security check.
|
SecurityCheckConfiguration |
createConfiguration(java.util.Properties properties)
Create configuration object and populate fields from the given properties.
|
long |
getExpiresAt()
Get the expiration of the current state of the security check.
|
int |
getInactivityTimeoutSec()
Get the security check inactivity timeout, usually the configured value.
|
void |
introspect(java.util.Set scope,
IntrospectionResponse response)
Make sure this check currently grants the requested scope.
If the scope is granted, the implementation should add the granted scope, its expiration, and custom introspection data to the response parameter. |
void |
logout()
Called upon explicit logout from this security check.
|
void |
setContext(java.lang.String name,
SecurityCheckConfiguration config,
AuthorizationContext authorizationContext,
RegistrationContext registrationContext)
Initialize the security check with the context and configuration properties.
|
SecurityCheckConfiguration createConfiguration(java.util.Properties properties)
properties
- the merged properties to read and validatevoid setContext(java.lang.String name, SecurityCheckConfiguration config, AuthorizationContext authorizationContext, RegistrationContext registrationContext)
name
- name of the security checkconfig
- security check configuration created by SecurityCheck.createConfiguration(Properties)
authorizationContext
- provides access to the transient state of the calling clientregistrationContext
- provides access to the persistent state of the calling clientint getInactivityTimeoutSec()
long getExpiresAt()
void authorize(java.util.Set scope, java.util.Map credentials, HttpServletRequest request, AuthorizationResponse response)
scope
- the requested scope, comes from the scope mapping processing.
Usually should not be analyzed by the security check, except of the case of a custom check
that knows exactly what scopes should be granted at any point.credentials
- the credentials sent by the client - either as a challenge response or pre-emptivelyrequest
- the pre-authorization or registration request sent by the clientresponse
- the response to which this check adds its success, challenge, or failurevoid introspect(java.util.Set scope, IntrospectionResponse response)
scope
- scope expected to be granted by this checkresponse
- the response to which this check adds its granted scope and custom introspection datavoid logout()
© Copyright IBM Corp. 2006, 2015. All Rights Reserved.