org.jsecurity.authz
Interface AuthorizingAccount

All Superinterfaces:

Account, AuthenticationInfo, AuthorizationInfo

All Known Implementing Classes:

SimpleAuthorizingAccount

Deprecated.

public interface AuthorizingAccount
extends Account

An AuthorizingAccount is an Account that knows about its assiged roles and permissions and can perform its own authorization (access control) checks. It primarily exists as a support class for Realm implementations that want to cache authorization state when doing an account lookup so multiple authorization checks do not need to access the Realm's underlying data store repeatedly.

Of course, an AuthorizingAccount concept is only a convenience mechansim if JSecurity account caching is enabled. Realm implementations are free to ignore this interface entirely and implement/override any of their Realm's Authorizer methods to execute the authorization checks as they see fit. (Realm is a sub-interface of Authorizer and therefore must implement those methods as well).

DEPRECATION NOTE: This interface and its default SimpleAuthorizingAccount implementation is deprecated and will be removed prior to 1.0 being released. Instead, either just return an Account instance, or if you want fine-grained control over authorization behavior, extend a subclass of AuthorizingRealm and implement your own security checks in the Realm itself instead of forcing this logic in your entity/domain classes where it could be error prone and unnecessarily couple these objects to JSecurity.

Since:

0.9

Author:

Jeremy Haile, Les Hazlewood

See Also:

AuthorizingRealm

Method Summary

void	checkPermission(Permission permission) Deprecated.
void	checkPermissions(Collection<Permission> permissions) Deprecated.
void	checkRole(String role) Deprecated.
void	checkRoles(Collection<String> roles) Deprecated.
boolean	hasAllRoles(Collection<String> roleIdentifiers) Deprecated.
boolean	hasRole(String roleIdentifier) Deprecated.
boolean[]	hasRoles(List<String> roleIdentifiers) Deprecated.
boolean[]	isPermitted(List<Permission> permissions) Deprecated.
boolean	isPermitted(Permission permission) Deprecated.
boolean	isPermittedAll(Collection<Permission> permissions) Deprecated.

Methods inherited from interface org.jsecurity.authc.AuthenticationInfo

getCredentials, getPrincipals

Methods inherited from interface org.jsecurity.authz.AuthorizationInfo

getObjectPermissions, getRoles, getStringPermissions

Method Detail

isPermitted

boolean isPermitted(Permission permission)

Deprecated.

See Also:

Subject.isPermitted(Permission)

isPermitted

boolean[] isPermitted(List<Permission> permissions)

Deprecated.

See Also:

Subject.isPermitted(java.util.List)

isPermittedAll

boolean isPermittedAll(Collection<Permission> permissions)

Deprecated.

See Also:

Subject.isPermittedAll(java.util.Collection)

checkPermission

void checkPermission(Permission permission)
                     throws AuthorizationException

Deprecated.

Throws:

AuthorizationException

See Also:

Subject.checkPermission(Permission)

checkPermissions

void checkPermissions(Collection<Permission> permissions)
                      throws AuthorizationException

Deprecated.

Throws:

AuthorizationException

See Also:

Subject.checkPermissions(java.util.Collection)

hasRole

boolean hasRole(String roleIdentifier)

Deprecated.

See Also:

Subject.hasRole(String)

hasRoles

boolean[] hasRoles(List<String> roleIdentifiers)

Deprecated.

See Also:

Subject.hasRoles(java.util.List)

hasAllRoles

boolean hasAllRoles(Collection<String> roleIdentifiers)

Deprecated.

See Also:

Subject.hasAllRoles(java.util.Collection)

checkRole

void checkRole(String role)

Deprecated.

See Also:

Subject.checkRole(String)

checkRoles

void checkRoles(Collection<String> roles)

Deprecated.

See Also:

Subject.checkRoles(java.util.Collection)