DefaultAuthorizationPolicy (Core XMPP Server 4.8.1 API)

java.lang.Object
- org.jivesoftware.openfire.auth.DefaultAuthorizationPolicy

All Implemented Interfaces:

AuthorizationPolicy
```
public class DefaultAuthorizationPolicy
extends Object
implements AuthorizationPolicy
```
Different clients perform authentication differently, so this policy will authorize any authentication identity, or 'principal' (identity whose password will be used) to a requested authorization identity (identity to act as) that match specific conditions that are considered secure defaults for most installations. Keep in mind if a client does not request any authorization identity, the authentication identity will be used as the authorization identity.
- If the authentication identity is in the form of a plain username, and the requested authorization identity is in the form of a plain username, then the two must be exactly the same.
- If the authentication identity contains an '@', then the portion before the '@' must match exactly the requested authorization identity and the portion after the '@' must match at least one of the following:
  - The XMPP domain of the server
  - The SASL realm of the server
  - Be in the list of acceptable realms
- If the requested authorization identity contains an '@' then the portion before the '@' will be considered the requested authorization identity only if the portion after the '@' matches the XMPP domain of the server or the portion after the '@' in the authentication identity, if any.
Author:

Jay Kline

See Also:

AuthorizationManager

Field Summary

Fields
Modifier and Type Field Description

static SystemProperty<Boolean> IGNORE_CASE

Constructor Summary

Constructors
Constructor Description

DefaultAuthorizationPolicy()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`authorize(String authzid, String authcid)`	Returns true if the provided authentication identity (identity whose password will be used) is explicitly allowed to the provided authorization identity (identity to act as).
`String`	`description()`	Returns a description of the Policy
`String`	`name()`	Returns the short name of the Policy

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - IGNORE_CASE
```
public static final SystemProperty<Boolean> IGNORE_CASE
```
- Constructor Detail
  - DefaultAuthorizationPolicy
```
public DefaultAuthorizationPolicy()
```
- Method Detail
  - authorize
```
public boolean authorize(String authzid,
                         String authcid)
```
    Returns true if the provided authentication identity (identity whose password will be used) is explicitly allowed to the provided authorization identity (identity to act as).
    
    Specified by:
    
    authorize in interface AuthorizationPolicy
    
    Parameters:
    
    authzid - authorization identity (identity to act as).
    
    authcid - authentication identity, or 'principal' (identity whose password will be used)
    
    Returns:
    
    true if the authzid is explicitly allowed to be used by the user authenticated with the authcid.
  - name
```
public String name()
```
    Returns the short name of the Policy
    
    Specified by:
    
    name in interface AuthorizationPolicy
    
    Returns:
    
    The short name of the Policy
  - description
```
public String description()
```
    Returns a description of the Policy
    
    Specified by:
    
    description in interface AuthorizationPolicy
    
    Returns:
    
    The description of the Policy.