public interface AccessControl extends CacheCallback
security-client-accessorsystem property with all the servers uniformly in the distributed system for client authorization. When the
security-client-accessor-ppproperty is set then the callback mentioned is invoked after the operation completes successfully and when sending notifications. When the registration has been done for a client/peer then an object of this class is created for each connection from the client/peer and the
authorizeOperationmethod invoked before/after each operation.
|Modifier and Type||Method and Description|
Check if the given operation is allowed for the cache/region.
Initialize the callback for a client/peer having the given principal.
void init(Principal principal, DistributedMember remoteMember, Cache cache) throws NotAuthorizedException
authorizeOperationin each operation.
principal- the principal associated with the authenticated client or peer; a null principal implies an unauthenticated client which should be handled properly by implementations
DistributedMemberobject for the remote authenticated client or peer
cache- reference to the cache object
NotAuthorizedException- if some exception condition happens during the initialization; in such a case all subsequent client operations on that connection will throw
boolean authorizeOperation(String regionName, OperationContext context)
initcall made when the connection was established so that this call is as quick as possible.
regionName- When null then it indicates a cache-level operation (i.e. one of
OperationContext.OperationCode.QUERY, else the name of the region for the operation.
context- When invoked before the operation then the data required by the operation. When invoked as a post-process filter then it contains the result of the operation. The data in the context can be possibly modified by the method.
Copyright © 1997-2017 Pivotal Software, Inc. All rights reserved.