U
- the type used to represent the user.E
- the type used to represent the environment, can also contain information on the action requested (read,
write, ...).R
- the type used to represent the resource.public interface AccessControlEngine<U,E,R>
isAuthorized(Object, Object, Object)
computes whether or not the user can, in the environment,
access the resource to enforce a security policy.
AccessControlList
Modifier and Type | Method and Description |
---|---|
boolean |
isAuthorized(U user,
E environment,
R resource)
Computes whether or not the
user can, in the environment , access the resource . |
boolean isAuthorized(U user, E environment, R resource)
user
can, in the environment
, access the resource
.user
- the initiator of the request.environment
- the context of the request.resource
- the target of the request.true
if the request is authorized by the policy, false
otherwise.