kaos.policy.guard
Class PermissionClassifier

java.lang.Object
  kaos.policy.guard.PermissionClassifier

public class PermissionClassifier
extends java.lang.Object

This class is used when Guard forbids an action based on some A- policy. That is, when Guard's 'checkPermission()' throws an authorization exception. In this case, that ActionInstanceDescription instance and the exception is passed to this class (if so configured), and this class, based on its configuration, either contacts a human, or Kaa, to see if that policy can be overridden and authorization granted in this instance.

Field Summary

protected java.util.Vector	_actionsForAppeal
protected java.lang.String	_firstContact
protected Locator	_kaaLocator
protected KAoSAgentDirectoryServiceProxy	_kaosDirectoryService
protected java.util.Vector	_msgQueue
protected Locator	_myLocator
protected java.lang.String	_nickName
protected java.lang.String	_secondContact
protected Locator	_slikLocator
protected int	_timeout
protected TransportSupport	_transport
protected java.lang.String	_transportType
static java.lang.String	KAA
static java.lang.String	SLIK

Constructor Summary

PermissionClassifier(KAoSAgentDirectoryServiceProxy dirProxy, java.lang.String transportType, java.util.Vector actions)

Method Summary

boolean	alternateCheckPermission(ActionInstanceDescription actionInstDesc, KAoSSecurityException exp)
boolean	checkPermission(ActionInstanceDescription actionInstDesc, KAoSSecurityException exp) The method to process the given authorization exception for the given action and see if that action can be allowed.
Locator	getLocatorForAgentNickname(java.lang.String nickName) A method for sending a query to directory service to find an agent's description, and from that, its locator.
protected void	printDebugString(java.lang.String msg, int loggerDisplayLevel)
void	receiveMessage(TransportMessage tm)
void	setFirstContact(java.lang.String contact) A method for specifying whom the classifier should contact first for appealing.
void	setSecondContact(java.lang.String contact) A method for specifying whom the classifier should contact if the first contact does not respond.
void	setTimeoutValue(int timeout) A method for specifying the amount of time (in miliseconds) this classifier should wait for reply after contacting slik or Kaa.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

_nickName

protected java.lang.String _nickName

_transportType

protected java.lang.String _transportType

_kaosDirectoryService

protected KAoSAgentDirectoryServiceProxy _kaosDirectoryService

_transport

protected TransportSupport _transport

_myLocator

protected Locator _myLocator

_msgQueue

protected java.util.Vector _msgQueue

_actionsForAppeal

protected java.util.Vector _actionsForAppeal

_slikLocator

protected Locator _slikLocator

_kaaLocator

protected Locator _kaaLocator

_firstContact

protected java.lang.String _firstContact

_secondContact

protected java.lang.String _secondContact

_timeout

protected int _timeout

SLIK

public static final java.lang.String SLIK

See Also:

Constant Field Values

KAA

public static final java.lang.String KAA

See Also:

Constant Field Values

Constructor Detail

PermissionClassifier

public PermissionClassifier(KAoSAgentDirectoryServiceProxy dirProxy,
                            java.lang.String transportType,
                            java.util.Vector actions)

Method Detail

setFirstContact

public void setFirstContact(java.lang.String contact)

A method for specifying whom the classifier should contact first for appealing. The default first contact is slik.

Parameters:

contact - A String specifying either slik or Kaa. null if no one is to be contacted as first contact.

setSecondContact

public void setSecondContact(java.lang.String contact)

A method for specifying whom the classifier should contact if the first contact does not respond. The default second contact is Kaa.

Parameters:

contact - A String specifying either slik or Kaa. null if no one is to be contacted as second contact.

setTimeoutValue

public void setTimeoutValue(int timeout)

A method for specifying the amount of time (in miliseconds) this classifier should wait for reply after contacting slik or Kaa. The default is 5000.

Parameters:

timeout - the timeout value

getLocatorForAgentNickname

public Locator getLocatorForAgentNickname(java.lang.String nickName)

A method for sending a query to directory service to find an agent's description, and from that, its locator.

Parameters:

nickName - the nickname of the agent whose locator we want to find.

Returns:

Locator the locator of the given agent.

checkPermission

public boolean checkPermission(ActionInstanceDescription actionInstDesc,
                               KAoSSecurityException exp)
                        throws KAoSSecurityException

The method to process the given authorization exception for the given action and see if that action can be allowed.

Parameters:

actionInstDesc - the action that caused the authorization exception.

forbiddingPolicyID - the id of the policy forbidding the given action.

Returns:

true if the action is allowed, false otherwise.

Throws:

KAoSSecurityException

alternateCheckPermission

public boolean alternateCheckPermission(ActionInstanceDescription actionInstDesc,
                                        KAoSSecurityException exp)
                                 throws KAoSSecurityException

Throws:

KAoSSecurityException

receiveMessage

public void receiveMessage(TransportMessage tm)

printDebugString

protected void printDebugString(java.lang.String msg,
                                int loggerDisplayLevel)