iauthorizationsessionlocal.java

一个免费的CA,基于EJB平台的,老师叫我们测试,现把之共享出来让大家参考

/*
 * Generated by XDoclet - Do not edit!
 */
package org.ejbca.core.ejb.authorization;

/**
 * Local interface for AuthorizationSession.
 */
public interface IAuthorizationSessionLocal
   extends javax.ejb.EJBLocalObject
{
   /**
    * Method to initialize authorization bean, must be called directly after creation of bean. Should only be called once.
    */
   public void initialize( org.ejbca.core.model.log.Admin admin,int caid ) throws org.ejbca.core.model.authorization.AdminGroupExistsException;

   /**
    * Method to check if a user is authorized to a certain resource.
    * @param admin the administrator about to be authorized, see org.ejbca.core.model.log.Admin class.
    * @param resource the resource to check authorization for.
    */
   public boolean isAuthorized( org.ejbca.core.model.log.Admin admin,java.lang.String resource ) throws org.ejbca.core.model.authorization.AuthorizationDeniedException;

   /**
    * Method to check if a user is authorized to a certain resource without performing any logging.
    * @param admin the administrator about to be authorized, see org.ejbca.core.model.log.Admin class.
    * @param resource the resource to check authorization for.
    */
   public boolean isAuthorizedNoLog( org.ejbca.core.model.log.Admin admin,java.lang.String resource ) throws org.ejbca.core.model.authorization.AuthorizationDeniedException;

   /**
    * Method to check if a group is authorized to a resource.
    */
   public boolean isGroupAuthorized( org.ejbca.core.model.log.Admin admin,int admingrouppk,java.lang.String resource ) throws org.ejbca.core.model.authorization.AuthorizationDeniedException;

   /**
    * Method to check if a group is authorized to a resource without any logging.
    */
   public boolean isGroupAuthorizedNoLog( org.ejbca.core.model.log.Admin admin,int admingrouppk,java.lang.String resource ) throws org.ejbca.core.model.authorization.AuthorizationDeniedException;

   /**
    * Method to check if an administrator exists in the specified admingroup.
    */
   public boolean existsAdministratorInGroup( org.ejbca.core.model.log.Admin admin,int admingrouppk ) ;

   /**
    * Method to validate and check revokation status of a users certificate.
    * @param certificate the users X509Certificate.
    */
   public void authenticate( java.security.cert.X509Certificate certificate ) throws org.ejbca.core.model.authorization.AuthenticationFailedException;

   /**
    * Method to add an admingroup.
    * @param admingroupname name of new admingroup, have to be unique.
    * @throws AdminGroupExistsException if admingroup already exists.
    */
   public void addAdminGroup( org.ejbca.core.model.log.Admin admin,java.lang.String admingroupname,int caid ) throws org.ejbca.core.model.authorization.AdminGroupExistsException;

   /**
    * Method to remove a admingroup.
    */
   public void removeAdminGroup( org.ejbca.core.model.log.Admin admin,java.lang.String admingroupname,int caid ) ;

   /**
    * Metod to rename a admingroup
    * @throws AdminGroupExistsException if admingroup already exists.
    */
   public void renameAdminGroup( org.ejbca.core.model.log.Admin admin,java.lang.String oldname,int caid,java.lang.String newname ) throws org.ejbca.core.model.authorization.AdminGroupExistsException;

   /**
    * Method to get a reference to a admingroup.
    */
   public org.ejbca.core.model.authorization.AdminGroup getAdminGroup( org.ejbca.core.model.log.Admin admin,java.lang.String admingroupname,int caid ) ;

   /**
    * Returns a Collection of AdminGroup the administrator is authorized to. <p/> SuperAdmin is autorized to all groups Other admins are only authorized to the groups cointaining a subset of authorized CA that the admin himself is authorized to. <p/> The AdminGroup objects only contains only name and caid and no accessdata
    */
   public java.util.Collection getAuthorizedAdminGroupNames( org.ejbca.core.model.log.Admin admin ) ;

   /**
    * Adds a Collection of AccessRule to an an admin group.
    */
   public void addAccessRules( org.ejbca.core.model.log.Admin admin,java.lang.String admingroupname,int caid,java.util.Collection accessrules ) ;

   /**
    * Removes a Collection of (String) containing accessrules to remove from admin group.
    */
   public void removeAccessRules( org.ejbca.core.model.log.Admin admin,java.lang.String admingroupname,int caid,java.util.Collection accessrules ) ;

   /**
    * Replaces a groups accessrules with a new set of rules
    */
   public void replaceAccessRules( org.ejbca.core.model.log.Admin admin,java.lang.String admingroupname,int caid,java.util.Collection accessrules ) ;

   /**
    * Adds a Collection of AdminEnity to the admingroup. Changes their values if they already exists.
    */
   public void addAdminEntities( org.ejbca.core.model.log.Admin admin,java.lang.String admingroupname,int caid,java.util.Collection adminentities ) ;

   /**
    * Removes a Collection of AdminEntity from the administrator group.
    */
   public void removeAdminEntities( org.ejbca.core.model.log.Admin admin,java.lang.String admingroupname,int caid,java.util.Collection adminentities ) ;

   /**
    * Method used to collect an administrators available access rules based on which rule he himself is authorized to.
    * @param admin is the administrator calling the method.
    * @return a Collection of String containing available accessrules.
    */
   public java.util.Collection getAuthorizedAvailableAccessRules( org.ejbca.core.model.log.Admin admin ) ;

   /**
    * Method used to return an Collection of Integers indicating which CAids a administrator is authorized to access.
    */
   public java.util.Collection getAuthorizedCAIds( org.ejbca.core.model.log.Admin admin ) ;

   /**
    * Method used to return an Collection of Integers indicating which end entity profiles the administrator is authorized to view.
    * @param admin the administrator
    * @param rapriviledge should be one of the end entity profile authorization constans defined in AvailableAccessRules.
    */
   public java.util.Collection getAuthorizedEndEntityProfileIds( org.ejbca.core.model.log.Admin admin,java.lang.String rapriviledge ) ;

   /**
    * Method to check if an end entity profile exists in any end entity profile rules. Used to avoid desyncronization of profilerules.
    * @param profileid the profile id to search for.
    * @return true if profile exists in any of the accessrules.
    */
   public boolean existsEndEntityProfileInRules( org.ejbca.core.model.log.Admin admin,int profileid ) ;

   /**
    * Method to check if a ca exists in any ca specific rules. Used to avoid desyncronization of CA rules when ca is removed
    * @param caid the ca id to search for.
    * @return true if ca exists in any of the accessrules.
    */
   public boolean existsCAInRules( org.ejbca.core.model.log.Admin admin,int caid ) ;

   /**
    * Method to force an update of the autorization rules without any wait.
    */
   public void forceRuleUpdate( org.ejbca.core.model.log.Admin admin ) ;

}