All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class semper.access.AccessMan

java.lang.Object
   |
   +----semper.access.AccessMan

public class AccessMan
extends Object
SEMPER Access Control Service.

Main access control entry point.

The access control service is responsible for authenticating and authorizing applications and modules. To this end, AccessMan implements the following two methods:

registerSignedApplication()
To register an application with the access control service and to create an access control handle based on the user and application profile and pass the constructed handle so that the application can authenticate itself to the access control service later on.
registerSignedModule()
To register a module with the access control service and to create an access control handle based on the application profile and pass the constructed handle so that the module can authenticate itself to the access control service later on.

Version:
$Revision: 1.8 $ $Date: 1997/12/19 14:02:22 $
Author:
Mogens Rom Andersen (andersen@r3.ch)
See Also:
AccessControlHandle, Capability, Role

Constructor Index

 o AccessMan()

Method Index

 o dumpActive()
Dump all active role/capability to the log file.
 o dumpInactive()
Dump all inactive roles/capabilities to the log file.
 o exit()
Finalize the access control manager.
 o getCoreCapability()
Get the name of the core capability

Precondition:
Access manager must have been initialised.
 o getNoTrustRole()
Retrieves the ACM NoTrustRole.
 o init()
Initialise the access manager.
 o isInitialised()
Check whether the access manager has been initialised.
 o isSignatureValid(String)
Dummy function.
 o peekCurrentRole()
Peeks the topmost role on the current role stack.
 o registerSignedApplication(String)
Register an application to the access control manager.
 o registerSignedModule(String)
Register a module to the access control manager.
 o verifyCapability(AccessControlHandle, Capability)
No longer supported verification function.
 o verifyCapability(Capability)
No longer supported verification function.

Constructors

 o AccessMan
 public AccessMan()

Methods

 o init
 public static final void init()
Initialise the access manager.

Creates the SEMPER core role and initialises datastructures. Must be called before any other functions of the access control service are called.

Precondition:
AccessMan.isInitialised() returns false.
Postcondition:
All other functions of the access control service can be called. AccessMan.isInitialised() returns true.
Todo:
Handling of the TINGUIN display may change.

See Also:
isInitialised
 o exit
 public static final void exit()
Finalize the access control manager.

Remove the standard SEMPER roles and destroy all internal datastructures. After this, all functions of the access control service are inaccessible.

Precondition:
AccessMan.isInitialised() returns true.
Postcondition:
All other functions of the access control service are disabled and should not be called until after another call to AccessMan.init(). AccessMan.isInitialised() returns false.
Todo:
Handling of the TINGUIN display may change.

See Also:
isInitialised
 o isInitialised
 public static final boolean isInitialised()
Check whether the access manager has been initialised.

Checks whether the access manager was initialised using AccessMan.init() and not yet finalised using AccessMan.exit(). If this is the case, all its internal datastructures have been properly set up and all functions of the access control service are accessible.

Precondition:
(none)
Postcondition:
(none)
Todo:
(nothing)

Returns:
true if the access control service is initialised, false if not.
See Also:
init, exit
 o dumpInactive
 public static final void dumpInactive()
Dump all inactive roles/capabilities to the log file.

This function dumps a short report for all existing inactive role and capabilities to the log file (level Log.TRACE). This report includes the name, description and parameters of the specific persistent role, plus a list of its persistent member capabilities.

Precondition:
Access manager must have been initialised.
Postcondition:
(none)
Todo:
(nothing)

See Also:
writeToLog, getInfo
 o dumpActive
 public static final void dumpActive()
Dump all active role/capability to the log file.

This function dumps, for each registered application, a short report for each of its active roles, persistent or not, to the log file (level Log.TRACE). This report includes the name, description and parameters of the specific role, plus a list of its capability members.

Precondition:
Access manager must have been initialised.
Postcondition:
(none)
Todo:
(nothing)

See Also:
writeToLog, getInfo, getInfo
 o peekCurrentRole
 public static Role peekCurrentRole() throws RoleException
Peeks the topmost role on the current role stack.

Precondition:
Access manager must have been initialised.
Postcondition:
Unchanged, leaves current role stack intact
Todo:
Nothing

Returns:
topmost current role
Throws: RoleException
if the current stack is empty
 o getNoTrustRole
 public static Role getNoTrustRole()
Retrieves the ACM NoTrustRole.

Precondition:
Access manager must have been initialised.
Postcondition:
Unchanged.
Todo:
Nothing

Returns:
ACM NoTrustRole
 o getCoreCapability
 public static String getCoreCapability()
Get the name of the core capability

Precondition:
Access manager must have been initialised.
Postcondition:
Unchanged.
Todo:
Nothing

Returns:
name of CoreCapability
 o registerSignedApplication
 public static final ControlledApplication registerSignedApplication(String controlled_class) throws RegistrationException, NameUsageException, IOException
Register an application to the access control manager.

The registration procedure is as follows:

  • Create an instance of the class defined by ControlledClass, and construct the application profile using the data stored in the associated properties. RegistrationExceptions are thrown if this step fails; this indicates an error in the ControlledClass or in its properties.
  • Set up a user profile from login name.
  • Throw a NameUsageException if the name of the application + user is not unique.
  • Ask preferences for the list of login role names through group: User-roles, field: name of the user.
  • Compute the requested intersection of the roles in user profile and the application profile. If the intersection is empty use the default role "NoTrust", marked disabled.
  • If requested from properties, retrieve the set of persistent roles and insert in handle.
  • Create functional profiles according to properties.
  • Add the constructed roles to the active roles for this application, and enable/disable each active role in the list according to persistent status.
  • Insert the constructed access control handle in the controlled application object.

Precondition:
Access manager must have been initialised.
Postcondition:
The superclass ControlledApplication of the instance returned contains an instance of the application control handle belonging to this application (set using its storeAccessControlHandle() method), with properly setup active roles.
Todo:

Parameters:
ControlledClass - The Controlled Class
Returns:
An instance of the class represented by ControlledClass.
Throws: RegistrationException
if something went wrong registering the application; usually indicates an error in the bytecode for the application or missing properties.
Throws: NameUsageException
if the name of the user and the application together are not unique
See Also:
ControlledApplication, ControlledClassLoader, AccessControlHandle
 o registerSignedModule
 public static final void registerSignedModule(String controlled_class) throws RegistrationException, NameUsageException, IOException
Register a module to the access control manager. The rights given to a module are user independant.

The registration procedure is as follows:

  • Create an instance of the class defined by ControlledClass, and construct the application profile using the data stored in the associated properties. RegistrationExceptions are thrown if this step fails; this indicates an error in the ControlledClass or in its properties.
  • Set up a user profile from _MODULE_USER_xxx, where xxx is a random string.
  • Throw a NameUsageException if the name of the application + user is not unique.
  • Compute the requested intersection of the roles in user profile and the application profile. If the intersection is empty use the default role "NoTrust", marked disabled.
  • If requested from properties, retrieve the set of persistent roles and insert in handle.
  • Create functional profiles according to properties.
  • Add the constructed roles to the active roles for this application, and enable/disable each active role in the list according to persistent status.
  • Insert the constructed access control handle in the controlled module object.

Precondition:
Access manager must have been initialised.
Postcondition:
The static variable __moduleHandle in superclass ControlledModule of the module object is initialised.
Todo:
.

Parameters:
ControlledClass - The Controlled Class *
Throws: RegistrationException
if something went wrong registering the module; usually indicates an error in the bytecode for the Controlled class or missing properties.
See Also:
ControlledModule, ControlledClassLoader, AccessControlHandle
 o verifyCapability
 public static final boolean verifyCapability(Capability c)
No longer supported verification function. Maintained only for backward compatility on compile. To be removed

 o verifyCapability
 public static final boolean verifyCapability(AccessControlHandle handle,
                                              Capability c)
No longer supported verification function. Maintained only for backward compatility on compile. To be removed

 o isSignatureValid
 public static final boolean isSignatureValid(String controlled_class)
Dummy function. To be removed when download/installer module implements it.


All Packages  Class Hierarchy  This Package  Previous  Next  Index