Package org.apache.jackrabbit.oak.spi.security.authorization.principalbased

Interface Filter

  • @ProviderType
public interface Filter
    Interface that allows to define the principals for which principal based access control management and permission evaluation can be executed. For any other principals this module would never take effect.

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      boolean canHandle​(@NotNull java.util.Set<java.security.Principal> principals)
      Reveals if this filter implementation is able to handle the given set of principals.
      @NotNull java.lang.String getOakPath​(@NotNull java.security.Principal validPrincipal)
      Returns the Oak path of the Tree to which the policy for the given validPrincipal will be bound.
      @Nullable java.security.Principal getValidPrincipal​(@NotNull java.lang.String oakPath)
      Retrieves the ItemBasedPrincipal for the given oakPath and returns it if it is considered valid by the Filter implementation.

    • Method Detail

      • canHandle

        boolean canHandle​(@NotNull
                  @NotNull java.util.Set<java.security.Principal> principals)
        Reveals if this filter implementation is able to handle the given set of principals.
        Parameters:
        principals - A set of principals.
        Returns:
        true if the principals can be dealt with by this filter implementation, false otherwise.

      • getOakPath

        @NotNull
@NotNull java.lang.String getOakPath​(@NotNull
                                     @NotNull java.security.Principal validPrincipal)
        Returns the Oak path of the Tree to which the policy for the given validPrincipal will be bound. This method can rely on the fact that the given principal has been validated before and is not expected to validate the principal.
        Parameters:
        validPrincipal - A valid principal i.e. that has been validated through canHandle(Set).
        Returns:
        The absolute oak path to an exiting Tree. The policy for the given principal will be bound to that tree.
        Throws:
        java.lang.IllegalArgumentException - If the specified principal is not validated/valid.

      • getValidPrincipal

        @Nullable
@Nullable java.security.Principal getValidPrincipal​(@NotNull
                                                    @NotNull java.lang.String oakPath)
        Retrieves the ItemBasedPrincipal for the given oakPath and returns it if it is considered valid by the Filter implementation. Otherwise this method returns null.
        Parameters:
        oakPath - A non-null Oak path pointing to an ItemBasedPrincipal.
        Returns:
        A valid principal or null if no valid principal can be retrieved/exists for the given path.