01 /*
02 * Licensed to the Apache Software Foundation (ASF) under one
03 * or more contributor license agreements. See the NOTICE file
04 * distributed with this work for additional information
05 * regarding copyright ownership. The ASF licenses this file
06 * to you under the Apache License, Version 2.0 (the
07 * "License"); you may not use this file except in compliance
08 * with the License. You may obtain a copy of the License at
09 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 *
19 *
20 */
21 package org.apache.qpid.server.security.access;
22
23 import org.apache.commons.configuration.Configuration;
24 import org.apache.qpid.framing.AMQShortString;
25 import org.apache.qpid.server.exchange.Exchange;
26 import org.apache.qpid.server.protocol.AMQProtocolSession;
27 import org.apache.qpid.server.queue.AMQQueue;
28 import org.apache.qpid.server.virtualhost.VirtualHost;
29
30 public interface ACLPlugin
31 {
32 public enum AuthzResult
33 {
34 ALLOWED,
35 DENIED,
36 ABSTAIN
37 }
38
39 void setConfiguration(Configuration config);
40
41 // These return true if the plugin thinks the action should be allowed, and false if not.
42
43 AuthzResult authoriseBind(AMQProtocolSession session, Exchange exch, AMQQueue queue, AMQShortString routingKey);
44
45 AuthzResult authoriseCreateExchange(AMQProtocolSession session, boolean autoDelete, boolean durable,
46 AMQShortString exchangeName, boolean internal, boolean nowait, boolean passive, AMQShortString exchangeType);
47
48 AuthzResult authoriseCreateQueue(AMQProtocolSession session, boolean autoDelete, boolean durable, boolean exclusive,
49 boolean nowait, boolean passive, AMQShortString queue);
50
51 AuthzResult authoriseConnect(AMQProtocolSession session, VirtualHost virtualHost);
52
53 AuthzResult authoriseConsume(AMQProtocolSession session, boolean noAck, AMQQueue queue);
54
55 AuthzResult authoriseConsume(AMQProtocolSession session, boolean exclusive, boolean noAck, boolean noLocal,
56 boolean nowait, AMQQueue queue);
57
58 AuthzResult authoriseDelete(AMQProtocolSession session, AMQQueue queue);
59
60 AuthzResult authoriseDelete(AMQProtocolSession session, Exchange exchange);
61
62 AuthzResult authorisePublish(AMQProtocolSession session, boolean immediate, boolean mandatory,
63 AMQShortString routingKey, Exchange e);
64
65 AuthzResult authorisePurge(AMQProtocolSession session, AMQQueue queue);
66
67 AuthzResult authoriseUnbind(AMQProtocolSession session, Exchange exch, AMQShortString routingKey, AMQQueue queue);
68
69 }
|