All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class semper.access.Role

java.lang.Object
   |
   +----semper.access.Role

public abstract class Role
extends Object
SEMPER Access Control.

Access control in SEMPER is role based. Distributions own one or more roles A role contains zero or more capabilities. Each capability guards an action. If subject owns the capability and it is valid, the application is allowed to perform the corresponding action.

Roles are known both in the subject and object.

AC Mgr creates two special standard roles on startup (NoTrust, CoreRole), and optionally one to three functional roles with each registration.

Additional roles may be created at any time during run.

Role is an abstract class representing a generic role object. Three example role classes are provided with the ACM. They differ only in how the subclassed object is enabled/disabled (user is promptet for a confirmation on TINGUIN, depends on validity of the signature for the controlling class and always enabled).

Other role classes can easily be created like one prompting the user for a password instead of a simple confirmation.

Roles are either persistent or non-persistent.

A persistent role in the AC Mgr will always be a mirror of its counterpart serialized in the Archive, while non-persistent role exists in AC Mgr only and will vanish with the SEMPER session.

Version:
$Revision: 1.7 $ $Date: 1997/12/19 14:13:50 $
Author:
Mogens Rom Andersen (andersen@r3.ch)
See Also:
UserRole, SignatureRole, EnabledRole

Variable Index

 o allRoles
The set of all roles.
 o description
Description of the role.
 o myCapabilities
the set of all capabilities belonging to this role Elements are of class Capability or lower.
 o name
Name of the role.

Constructor Index

 o Role()

Method Index

 o addCapability(Capability)
 o finish()
Finish with a role.
 o getAllRoles()
Get all existing roles.
 o getCapabilities()
Get all capabilities in this role.
 o getDescription()
Get description of the role.
 o getInfo()
Obtain a short string describing the role and its parameters.
 o getName()
Get name of the role.
 o getRole(String)
Find a role with a specific name.
 o removeCapability(Capability)
Remove the capability from a role.
 o verify()
Verify the role.
 o writeToLog()
Dump roles to the log file.

Variables

 o allRoles
 protected static Hashtable allRoles
The set of all roles. A hashtable indexed by the names of the roles. Elements are of type Role

See Also:
getRole, getAllRoles
 o myCapabilities
 protected Vector myCapabilities
the set of all capabilities belonging to this role Elements are of class Capability or lower.

See Also:
addCapability, removeCapability, getCapabilities
 o name
 protected String name
Name of the role. Used in dialogs with the user, e.g. when asked to enable the role.

 o description
 protected String description
Description of the role. Used in dialogs with the user, e.g. when asked to enable the role.

Constructors

 o Role
 public Role()

Methods

 o getName
 public String getName()
Get name of the role.

 o getDescription
 public String getDescription()
Get description of the role.

 o getInfo
 public abstract String getInfo()
Obtain a short string describing the role and its parameters.

Useful for logging. Abstract method to be defined by each role class seperately. Should info regarding this role.

Returns:
A short string describing the role.
 o verify
 public abstract boolean verify()
Verify the role.

Abstract method to be defined by each role class seperately. Shall check if role is enabled or not.

Returns:
true if the role is enabled, false otherwise
 o addCapability
 protected void addCapability(Capability c)
 o removeCapability
 protected void removeCapability(Capability c)
Remove the capability from a role.

If the capability is not a member, nothing happens. See the documentation on addCapability for details.

Parameters:
c - capability to remove.
See Also:
addCapability, removeFromRole
 o getCapabilities
 public final Enumeration getCapabilities()
Get all capabilities in this role.

Return an enumeration of all capabilities that belong to this role.

Precondition:
Access manager must have been initialised.
Postcondition:
(none)
Todo:
(nothing)

Returns:
an enumeration of all capabilities in the role.
 o getAllRoles
 public static Enumeration getAllRoles()
Get all existing roles.
Precondition:
Access manager must have been initialised.
Postcondition:
(none)
Todo:
(nothing)

Returns:
an enumeration of all existing roles.
 o getRole
 public static Role getRole(String name)
Find a role with a specific name.

Return the role with name name, or null if it does not exist.

Precondition:
Access manager must have been initialised.
Postcondition:
(none)
Todo:
(nothing)

Parameters:
name - name of the role to return.
Returns:
the role with that name, or null if the requested role does not exist.
 o finish
 public final void finish()
Finish with a role.

Clears all internal references to a role so that it can be garbage collected. This is necessary because a reference to each role is stored in the class variable allRoles.

Precondition:
Access manager must have been initialised.
Postcondition:
(none)
Todo:
(nothing)

 o writeToLog
 public void writeToLog()
Dump roles to the log file.

Dump a description of the roles (using getInfo()) and a description of all member capabilities to the log-file at level Log.TRACE.

Precondition:
Access manager must have been initialised.
Postcondition:
(none)
Todo:
(nothing)


All Packages  Class Hierarchy  This Package  Previous  Next  Index