3 * ====================================================================
5 * Copyright (c) 2001 Sun Microsystems, Inc. All rights reserved.
7 * The Sun Project JXTA(TM) Software License
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions are met:
12 * 1. Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
19 * 3. The end-user documentation included with the redistribution, if any, must
20 * include the following acknowledgment: "This product includes software
21 * developed by Sun Microsystems, Inc. for JXTA(TM) technology."
22 * Alternately, this acknowledgment may appear in the software itself, if
23 * and wherever such third-party acknowledgments normally appear.
25 * 4. The names "Sun", "Sun Microsystems, Inc.", "JXTA" and "Project JXTA" must
26 * not be used to endorse or promote products derived from this software
27 * without prior written permission. For written permission, please contact
28 * Project JXTA at http://www.jxta.org.
30 * 5. Products derived from this software may not be called "JXTA", nor may
31 * "JXTA" appear in their name, without prior written permission of Sun.
33 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
34 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
35 * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL SUN
36 * MICROSYSTEMS OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
37 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
38 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
39 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
40 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
41 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
42 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
44 * JXTA is a registered trademark of Sun Microsystems, Inc. in the United
45 * States and other countries.
47 * Please see the license information page at :
48 * <http://www.jxta.org/project/www/license.html> for instructions on use of
49 * the license in source files.
51 * ====================================================================
53 * This software consists of voluntary contributions made by many individuals
54 * on behalf of Project JXTA. For more information on Project JXTA, please see
55 * http://www.jxta.org.
57 * This license is based on the BSD license adopted by the Apache Foundation.
60 package net.jxta.access;
63 import net.jxta.credential.Credential;
64 import net.jxta.credential.PrivilegedOperation;
65 import net.jxta.document.Element;
66 import net.jxta.service.Service;
70 * The Access Service is used by JXTA Applications and Services to determine if
71 specific operations are permitted for a particular identity.
73 * <p/>Each Access Service implementation provides a mechanism for determining
74 * if, for a given operation and identity, the operation is permitted.
76 public interface AccessService extends Service {
79 * The result of an access check.
81 public enum AccessResult {
84 * State is unknown or could not be established.
86 * <p/><strong>The operation should not be performed.</strong>
88 * <p/>This result may not be used by all Access Service
92 * Operation is disallowed.
94 * <p/><strong>The operation should not be performed.</strong>
97 * Operation is permitted.
99 * <p/><strong>The operation should be performed.</strong>
102 * Operation would be permitted, but one (or more) of the provided
103 * credentials was expired.
105 * <p/><strong>The operation should not be performed.</strong>
107 * <p/>This result may not be used by all Access Service
109 **/ PERMITTED_EXPIRED
113 * Determine if a privileged operation is permitted for a given identity.
115 * @param operation The operation which is being requested or {@code null}.
116 * {@code null} signifies that the operation is unimportant though the
117 * credential must be valid.
118 * @param credential The identity which is requesting or {@code null}. A
119 * {@code null} value indicates that no credential is available.
120 * @return the result of the access check.
122 public AccessResult doAccessCheck(PrivilegedOperation operation, Credential credential);
125 * Create a new privileged operation with the specified subject. Each
126 * operation is also associated with an identity, the offerer. Generally
127 * the privileged operation is cryptographically signed by the offerer.
129 * @see net.jxta.credential.Credential
131 * @param subject The subject of the operation. This usually identifies
132 * what operation is being requested.
133 * @param offerer The identity which is offering the operation.
134 * @return The privileged operation object
136 public PrivilegedOperation newPrivilegedOperation(Object subject, Credential offerer);
139 * Read a privileged operation from a portion of a structured document.
141 * @param source The root of the document portion containing the serialized
142 * representation of the privileged operation.
143 * @return The privileged operation object.
145 public PrivilegedOperation newPrivilegedOperation(Element source);