com.netscape.certsrv.evaluators
Interface IAccessEvaluator

All Known Implementing Classes:
GroupAccessEvaluator, IPAddressAccessEvaluator, UserAccessEvaluator, UserOrigReqAccessEvaluator

public interface IAccessEvaluator

A class represents an evaluator. An evaluator is used to evaluate an expression. For example, one can write an evaluator to evaluate if a user belongs to a certain group. An evaluator is generally used for access control expression evaluation, however, it can be used for other evaluation-related operations.

Version:
$Revision: 1211 $, $Date: 2010-08-18 10:15:37 -0700 (Wed, 18 Aug 2010) $

Method Summary
 boolean evaluate(IAuthToken authToken, java.lang.String type, java.lang.String op, java.lang.String value)
          Evaluates if the given value satisfies the access control in authToken obtained from Authentication.
 boolean evaluate(java.lang.String type, java.lang.String op, java.lang.String value)
          Evaluates if the given value satisfies the access control in current context.
 java.lang.String getDescription()
          Gets the description of the evaluator
 java.lang.String[] getSupportedOperators()
          Get the supported operators for this evaluator
 java.lang.String getType()
          Gets the type of the evaluator.
 void init()
          Initialize the evaluator
 

Method Detail

init

void init()
Initialize the evaluator


getType

java.lang.String getType()
Gets the type of the evaluator. Type is defined by each evaluator plugin. Each evaluator plugin should have a unique type.

Returns:
type of the evaluator

getDescription

java.lang.String getDescription()
Gets the description of the evaluator

Returns:
a text description for this evaluator

evaluate

boolean evaluate(java.lang.String type,
                 java.lang.String op,
                 java.lang.String value)
Evaluates if the given value satisfies the access control in current context.

Parameters:
type - Type of the evaluator, eg, user, group etc
op - Operator of the evaluator, eg, =, !=
value - Part of the expression that can be used to evaluate, e.g, value can be the name of the group if the purpose of the evaluator is to evaluate if the user is a member of the group.
Returns:
true if the evaluation expression is matched; false otherwise.

evaluate

boolean evaluate(IAuthToken authToken,
                 java.lang.String type,
                 java.lang.String op,
                 java.lang.String value)
Evaluates if the given value satisfies the access control in authToken obtained from Authentication.

Parameters:
authToken - Authentication token
type - Type of the evaluator, eg, user, group etc
op - Operator of the evaluator, eg, =, !=
value - Part of the expression that can be used to evaluate, e.g, value can be the name of the group if the purpose of the evaluator is to evaluate if the user is a member of the group.
Returns:
true if the evaluation expression is matched; false otherwise.

getSupportedOperators

java.lang.String[] getSupportedOperators()
Get the supported operators for this evaluator

Returns:
Supported operators in string array