Source code

001/*
002 * Licensed to DuraSpace under one or more contributor license agreements.
003 * See the NOTICE file distributed with this work for additional information
004 * regarding copyright ownership.
005 *
006 * DuraSpace licenses this file to you under the Apache License,
007 * Version 2.0 (the "License"); you may not use this file except in
008 * compliance with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.fcrepo.auth.xacml;
019
020import java.net.URI;
021
022import org.jboss.security.xacml.interfaces.XACMLConstants;
023
024
025/**
026 * URIs that are used in this module.
027 *
028 * @author Gregory Jansen
029 */
030public abstract class URIConstants {
031
032    /**
033     * ID of the subject (user principal).
034     */
035    public static final URI ATTRIBUTEID_SUBJECT_ID = URI
036            .create(XACMLConstants.ATTRIBUTEID_SUBJECT_ID);
037
038    /**
039     * Roles
040     */
041    public static final String FCREPO_SUBJECT_ROLE_VALUE = "fcrepo-xacml:subject-role";
042    public static final URI FCREPO_SUBJECT_ROLE = URI.create(FCREPO_SUBJECT_ROLE_VALUE);
043
044    /**
045     * Groups
046     */
047    public static final String FCREPO_SUBJECT_GROUP_VALUE = "fcrepo-xacml:subject-group";
048    public static final URI FCREPO_SUBJECT_GROUP = URI.create(FCREPO_SUBJECT_GROUP_VALUE);
049
050    /**
051     * ID of the action (ModeShape permission name).
052     */
053    public static final URI ATTRIBUTEID_ACTION_ID = URI
054            .create(XACMLConstants.ATTRIBUTEID_ACTION_ID);
055
056    /**
057     * ID of the resource (ModeShape node/property path).
058     */
059    public static final URI ATTRIBUTEID_RESOURCE_ID = URI
060            .create(XACMLConstants.ATTRIBUTEID_RESOURCE_ID);
061
062    /**
063     * External URI of the resource (External Identifier).
064     */
065    public static final URI ATTRIBUTEID_RESOURCE_URI = URI.create("urn:fedora:xacml:2.0:resource:resource-uri");
066
067    /**
068     * ID of the ModeShape workspace for this resource.
069     */
070    public static final URI ATTRIBUTEID_RESOURCE_WORKSPACE = URI
071            .create("urn:fedora:xacml:2.0:resource:resource-workspace");
072
073    /**
074     * Scope of the request (DESCENDANTS if "remove", IMMEDIATE otherwise).
075     */
076    public static final URI ATTRIBUTEID_RESOURCE_SCOPE = URI
077            .create("urn:oasis:names:tc:xacml:1.0:resource:scope");
078
079    public static final String XACML_POLICY_PROPERTY = "authz:policy";
080
081    public static final String POLICY_URI_PREFIX = "info:fedora";
082
083    /**
084     * Original request IP, which may be forwarded by an application.
085     */
086    public static final URI ATTRIBUTEID_ENVIRONMENT_ORIGINAL_IP_ADDRESS = URI
087            .create("urn:fedora:xacml:2.0:environment:original-ip-address");
088
089}