public interface Privilege extends AAAObject, Comparable<Privilege>
Unlike permission which implements a fine grained authorization scheme, Privilege implements a coarse grained authorization.
an Guarded could request for a Privilege in addition to Permission, while permission based authorization needs an exactly match the name of the permission required and the one principal has been granted, a privilege based authorization could do a comparable match. I.e. if a principal has a privilege with a level that is greater than the required privilege level, then the permission is granted.
| Modifier and Type | Interface and Description |
|---|---|
static class |
Privilege.F |
| Modifier and Type | Method and Description |
|---|---|
int |
compareTo(Privilege b)
Compare a privilege to another privilege.
|
int |
getLevel()
Returns the level of the privilege.
|
equals, getName, getProperty, hashCode, propertyKeys, setProperty, toString, unsetPropertyint getLevel()
Returns the level of the privilege. Suppose a guarded object require a privilege_A to access. And a user has been granted with privilege_B. The logic of authorization is to compare the level of privilege_A to privilege_B. If privilege_A level is greater than that of privilege_B then the user has no access to the object been guarded. if privilege_A level is equals to or less then that of privilege_B, then the A has access to the object
int compareTo(Privilege b)
Compare a privilege to another privilege. The result shall be align to compare the levels of the two privileges
compareTo in interface Comparable<Privilege>b - the privilege to be compared with this privilegeCopyright © 2017–2020 OSGL (Open Source General Library). All rights reserved.