kaos.policy.guard
Class PermissionClassifier

java.lang.Object
  extended by kaos.policy.guard.PermissionClassifier

public class PermissionClassifier
extends java.lang.Object

This class is used when Guard forbids an action based on some A- policy. That is, when Guard's 'checkPermission()' throws an authorization exception. In this case, that ActionInstanceDescription instance and the exception is passed to this class (if so configured), and this class, based on its configuration, either contacts a human, or Kaa, to see if that policy can be overridden and authorization granted in this instance.


Field Summary
protected  java.util.Vector _actionsForAppeal
           
protected  java.lang.String _firstContact
           
protected  Locator _kaaLocator
           
protected  KAoSAgentDirectoryServiceProxy _kaosDirectoryService
           
protected  java.util.Vector _msgQueue
           
protected  Locator _myLocator
           
protected  java.lang.String _nickName
           
protected  java.lang.String _secondContact
           
protected  Locator _slikLocator
           
protected  int _timeout
           
protected  TransportSupport _transport
           
protected  java.lang.String _transportType
           
static java.lang.String KAA
           
static java.lang.String SLIK
           
 
Constructor Summary
PermissionClassifier(KAoSAgentDirectoryServiceProxy dirProxy, java.lang.String transportType, java.util.Vector actions)
           
 
Method Summary
 boolean alternateCheckPermission(ActionInstanceDescription actionInstDesc, KAoSSecurityException exp)
           
 boolean checkPermission(ActionInstanceDescription actionInstDesc, KAoSSecurityException exp)
          The method to process the given authorization exception for the given action and see if that action can be allowed.
 Locator getLocatorForAgentNickname(java.lang.String nickName)
          A method for sending a query to directory service to find an agent's description, and from that, its locator.
protected  void printDebugString(java.lang.String msg, int loggerDisplayLevel)
           
 void receiveMessage(TransportMessage tm)
           
 void setFirstContact(java.lang.String contact)
          A method for specifying whom the classifier should contact first for appealing.
 void setSecondContact(java.lang.String contact)
          A method for specifying whom the classifier should contact if the first contact does not respond.
 void setTimeoutValue(int timeout)
          A method for specifying the amount of time (in miliseconds) this classifier should wait for reply after contacting slik or Kaa.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

_nickName

protected java.lang.String _nickName

_transportType

protected java.lang.String _transportType

_kaosDirectoryService

protected KAoSAgentDirectoryServiceProxy _kaosDirectoryService

_transport

protected TransportSupport _transport

_myLocator

protected Locator _myLocator

_msgQueue

protected java.util.Vector _msgQueue

_actionsForAppeal

protected java.util.Vector _actionsForAppeal

_slikLocator

protected Locator _slikLocator

_kaaLocator

protected Locator _kaaLocator

_firstContact

protected java.lang.String _firstContact

_secondContact

protected java.lang.String _secondContact

_timeout

protected int _timeout

SLIK

public static final java.lang.String SLIK
See Also:
Constant Field Values

KAA

public static final java.lang.String KAA
See Also:
Constant Field Values
Constructor Detail

PermissionClassifier

public PermissionClassifier(KAoSAgentDirectoryServiceProxy dirProxy,
                            java.lang.String transportType,
                            java.util.Vector actions)
Method Detail

setFirstContact

public void setFirstContact(java.lang.String contact)
A method for specifying whom the classifier should contact first for appealing. The default first contact is slik.

Parameters:
contact - A String specifying either slik or Kaa. null if no one is to be contacted as first contact.

setSecondContact

public void setSecondContact(java.lang.String contact)
A method for specifying whom the classifier should contact if the first contact does not respond. The default second contact is Kaa.

Parameters:
contact - A String specifying either slik or Kaa. null if no one is to be contacted as second contact.

setTimeoutValue

public void setTimeoutValue(int timeout)
A method for specifying the amount of time (in miliseconds) this classifier should wait for reply after contacting slik or Kaa. The default is 5000.

Parameters:
timeout - the timeout value

getLocatorForAgentNickname

public Locator getLocatorForAgentNickname(java.lang.String nickName)
A method for sending a query to directory service to find an agent's description, and from that, its locator.

Parameters:
nickName - the nickname of the agent whose locator we want to find.
Returns:
Locator the locator of the given agent.

checkPermission

public boolean checkPermission(ActionInstanceDescription actionInstDesc,
                               KAoSSecurityException exp)
                        throws KAoSSecurityException
The method to process the given authorization exception for the given action and see if that action can be allowed.

Parameters:
actionInstDesc - the action that caused the authorization exception.
forbiddingPolicyID - the id of the policy forbidding the given action.
Returns:
true if the action is allowed, false otherwise.
Throws:
KAoSSecurityException

alternateCheckPermission

public boolean alternateCheckPermission(ActionInstanceDescription actionInstDesc,
                                        KAoSSecurityException exp)
                                 throws KAoSSecurityException
Throws:
KAoSSecurityException

receiveMessage

public void receiveMessage(TransportMessage tm)

printDebugString

protected void printDebugString(java.lang.String msg,
                                int loggerDisplayLevel)