Class EntitlementCallbackHandler
- java.lang.Object
-
- org.wso2.carbon.identity.entitlement.mediator.callback.EntitlementCallbackHandler
-
- Direct Known Subclasses:
KerberosEntitlementCallbackHandler
,SAMLEntitlementCallbackHandler
,UTEntitlementCallbackHandler
,X509EntitlementCallbackHandler
public abstract class EntitlementCallbackHandler extends Object
An extension to this class can feed the Entitlement mediator with subject/resource/action and envs.
-
-
Constructor Summary
Constructors Constructor Description EntitlementCallbackHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description String
findAction(org.apache.synapse.MessageContext synCtx)
If the property xacml_action defined under axis2 scope been found - then the value of that property will be picked as the action - if not the default action is "read".String
findOperationName(org.apache.synapse.MessageContext synCtx)
Get the name of the operation been invoked by the user.org.wso2.carbon.identity.entitlement.proxy.Attribute[]
findOtherAttributes(org.apache.synapse.MessageContext synCtx)
Optional hook to supply additional attributes for any category including urn:oasis:names:tc:xacml:3.0:attribute-category:environmentString
findServiceName(org.apache.synapse.MessageContext synCtx)
Get the name the service been invoked by the user.String
getUserName(org.apache.synapse.MessageContext synCtx)
Get the user name who should be authorized against defined Entitlement policies.
-
-
-
Method Detail
-
getUserName
public String getUserName(org.apache.synapse.MessageContext synCtx)
Get the user name who should be authorized against defined Entitlement policies. The default implementation reads the subject name from theorg.apache.axis2.context.MessageContext
as a property. The name of this property should be set as a property defined under axis2 scope with the name xacml_subject_identifier. If the property xacml_subject_identifier not found, then the subject name would be read from a property defined under axis2 scope with the name xacml_subject- Parameters:
synCtx
-- Returns:
-
findOperationName
public String findOperationName(org.apache.synapse.MessageContext synCtx)
Get the name of the operation been invoked by the user. If the property xacml_use_rest defined under axis2 scope been found - with the value "true" - the HTTP_METHOD will be picked as the operation name.- Parameters:
synCtx
-- Returns:
-
findServiceName
public String findServiceName(org.apache.synapse.MessageContext synCtx)
Get the name the service been invoked by the user. If the property xacml_resource_prefix defined under axis2 scope been found - the service name will be prefixed by that value. Also if the property xacml_resource_prefix_only defined under axis2 scope been found and been set to true - then the service name will be replaced by the value found in xacml_resource_prefix.- Parameters:
synCtx
-- Returns:
-
findAction
public String findAction(org.apache.synapse.MessageContext synCtx)
If the property xacml_action defined under axis2 scope been found - then the value of that property will be picked as the action - if not the default action is "read".- Parameters:
synCtx
-- Returns:
-
findOtherAttributes
public org.wso2.carbon.identity.entitlement.proxy.Attribute[] findOtherAttributes(org.apache.synapse.MessageContext synCtx)
Optional hook to supply additional attributes for any category including urn:oasis:names:tc:xacml:3.0:attribute-category:environment- Parameters:
synCtx
-- Returns:
-
-