org.apache.directory.server.core.authz.support
Class MostSpecificProtectedItemFilter

java.lang.Object
  extended by org.apache.directory.server.core.authz.support.MostSpecificProtectedItemFilter
All Implemented Interfaces:
ACITupleFilter

public class MostSpecificProtectedItemFilter
extends java.lang.Object
implements ACITupleFilter

An ACITupleFilter that chooses the tuples with the most specific protected item. (18.8.4.3, X.501)

If more than one tuple remains, choose the tuples with the most specific protected item. If the protected item is an attribute and there are tuples that specify the attribute type explicitly, discard all other tuples. If the protected item is an attribute value, and there are tuples that specify the attribute value explicitly, discard all other tuples. A protected item which is a rangeOfValues is to be treated as specifying an attribute value explicitly.

Version:
$Rev: 493916 $, $Date: 2007-01-08 03:44:33 +0100 (Mon, 08 Jan 2007) $
Author:
Apache Directory Project

Constructor Summary
MostSpecificProtectedItemFilter()
           
 
Method Summary
 java.util.Collection filter(java.util.Collection tuples, OperationScope scope, PartitionNexusProxy proxy, java.util.Collection userGroupNames, org.apache.directory.shared.ldap.name.LdapDN userName, javax.naming.directory.Attributes userEntry, org.apache.directory.shared.ldap.aci.AuthenticationLevel authenticationLevel, org.apache.directory.shared.ldap.name.LdapDN entryName, java.lang.String attrId, java.lang.Object attrValue, javax.naming.directory.Attributes entry, java.util.Collection microOperations)
          Returns the collection of the filtered tuples using the specified extra information.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

MostSpecificProtectedItemFilter

public MostSpecificProtectedItemFilter()
Method Detail

filter

public java.util.Collection filter(java.util.Collection tuples,
                                   OperationScope scope,
                                   PartitionNexusProxy proxy,
                                   java.util.Collection userGroupNames,
                                   org.apache.directory.shared.ldap.name.LdapDN userName,
                                   javax.naming.directory.Attributes userEntry,
                                   org.apache.directory.shared.ldap.aci.AuthenticationLevel authenticationLevel,
                                   org.apache.directory.shared.ldap.name.LdapDN entryName,
                                   java.lang.String attrId,
                                   java.lang.Object attrValue,
                                   javax.naming.directory.Attributes entry,
                                   java.util.Collection microOperations)
                            throws javax.naming.NamingException
Description copied from interface: ACITupleFilter
Returns the collection of the filtered tuples using the specified extra information.

Specified by:
filter in interface ACITupleFilter
Parameters:
tuples - the collection of tuples to filter
scope - the scope of the operation to be performed
proxy - the proxy interceptor for this filter to access the DIT
userGroupNames - the collection of group (Name)s which the current user belongs to
userName - the Name of the current user
userEntry - the Attributes of the current user entry in the DIT
authenticationLevel - the level of authentication of the current user
entryName - the Name of the entry the current user accesses
attrId - the attribute ID the current user accesses
attrValue - the value of the attribute the current user accesses
entry - the Attributes of the entry the current user accesses
microOperations - the set of MicroOperations the current user will perform
Returns:
the collection of filtered tuples
Throws:
javax.naming.NamingException - if failed to filter the specifiec tuples


Copyright © 2003-2010 Apache Software Foundation. All Rights Reserved.