public abstract class AbstractSecurityService extends java.lang.Object implements DestroyableResource, SecurityService<java.util.UUID>, ThreadContextListener, BasicPolicyConfiguration.RoleResolver
Modifier and Type | Class and Description |
---|---|
static class |
AbstractSecurityService.Group |
protected static class |
AbstractSecurityService.Identity |
static class |
AbstractSecurityService.ProvidedSecurityContext |
static class |
AbstractSecurityService.SecurityContext |
static class |
AbstractSecurityService.User |
Modifier and Type | Field and Description |
---|---|
protected static java.lang.ThreadLocal<AbstractSecurityService.Identity> |
clientIdentity |
protected AbstractSecurityService.SecurityContext |
defaultContext |
protected javax.security.auth.Subject |
defaultSubject |
protected java.lang.String |
defaultUser |
Constructor and Description |
---|
AbstractSecurityService() |
AbstractSecurityService(java.lang.String jaccProvider) |
Modifier and Type | Method and Description |
---|---|
void |
associate(java.util.UUID securityIdentity)
Active
|
protected static java.lang.String |
autoJaccProvider() |
void |
contextEntered(ThreadContext oldContext,
ThreadContext newContext)
A new context has been entered.
|
void |
contextExited(ThreadContext exitedContext,
ThreadContext reenteredContext)
A context has exited.
|
protected javax.security.auth.Subject |
createRunAsSubject(java.lang.String runAsUser,
java.lang.String runAsRole) |
protected javax.security.auth.Subject |
createSubject(java.lang.String name,
java.lang.String groupName) |
java.lang.Object |
currentState() |
void |
destroyResource() |
java.util.UUID |
disassociate()
Active
|
java.security.Principal |
getCallerPrincipal()
Implementors are encouraged to return a java.security.Principal
object that implements org.apache.openejb.spi.CallerPrincipal.
JAAS LoginModule implementors are encouraged to use the CallerPrincipal
interface to denote the best-fitting Principal for getCallerPrincipal.
|
protected AbstractSecurityService.SecurityContext |
getDefaultContext() |
java.lang.String |
getDefaultUser() |
java.util.Set<java.lang.String> |
getLogicalRoles(java.security.Principal[] principals,
java.util.Set<java.lang.String> logicalRoles) |
java.lang.String |
getRealmName() |
javax.security.auth.Subject |
getRunAsSubject(BeanContext callingBeanContext) |
void |
init(java.util.Properties props) |
protected static void |
installJacc() |
boolean |
isCallerAuthorized(java.lang.reflect.Method method,
InterfaceType type)
Active
|
boolean |
isCallerInRole(java.lang.String role)
Active
|
java.util.UUID |
login(java.lang.String username,
java.lang.String password) |
void |
logout(java.util.UUID securityIdentity)
Active
|
void |
onLogout(HttpServletRequest request)
Called when request.logout() is triggered.
|
java.util.UUID |
overrideWithRunAsContext(ThreadContext ctx,
BeanContext newContext,
BeanContext oldContext) |
protected java.util.UUID |
registerSubject(javax.security.auth.Subject subject) |
void |
setDefaultUser(java.lang.String defaultUser) |
void |
setRealmName(java.lang.String realmName) |
void |
setState(java.lang.Object o) |
protected void |
unregisterSubject(java.lang.Object securityIdentity) |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
login
protected static final java.lang.ThreadLocal<AbstractSecurityService.Identity> clientIdentity
protected java.lang.String defaultUser
protected javax.security.auth.Subject defaultSubject
protected AbstractSecurityService.SecurityContext defaultContext
public AbstractSecurityService()
public AbstractSecurityService(java.lang.String jaccProvider)
public void destroyResource()
destroyResource
in interface DestroyableResource
public void onLogout(HttpServletRequest request)
SecurityService
onLogout
in interface SecurityService<java.util.UUID>
request
- the HTTP request triggering the logout.
public java.lang.String getRealmName()
public void setRealmName(java.lang.String realmName)
public java.lang.String getDefaultUser()
public void setDefaultUser(java.lang.String defaultUser)
defaultUser
- the defaultUser to set
public void init(java.util.Properties props) throws java.lang.Exception
public java.util.UUID login(java.lang.String username, java.lang.String password) throws javax.security.auth.login.LoginException
login
in interface SecurityService<java.util.UUID>
javax.security.auth.login.LoginException
public java.util.Set<java.lang.String> getLogicalRoles(java.security.Principal[] principals, java.util.Set<java.lang.String> logicalRoles)
getLogicalRoles
in interface BasicPolicyConfiguration.RoleResolver
public void contextEntered(ThreadContext oldContext, ThreadContext newContext)
ThreadContextListener
contextEntered
in interface ThreadContextListener
oldContext
- the old context that was associated with the thread
newContext
- the new context that is now associated with the thread
public java.util.UUID overrideWithRunAsContext(ThreadContext ctx, BeanContext newContext, BeanContext oldContext)
public javax.security.auth.Subject getRunAsSubject(BeanContext callingBeanContext)
protected javax.security.auth.Subject createRunAsSubject(java.lang.String runAsUser, java.lang.String runAsRole)
public void contextExited(ThreadContext exitedContext, ThreadContext reenteredContext)
ThreadContextListener
contextExited
in interface ThreadContextListener
exitedContext
- the context that was exited
reenteredContext
- the context that is now associated with the thread
protected java.util.UUID registerSubject(javax.security.auth.Subject subject)
public void logout(java.util.UUID securityIdentity) throws javax.security.auth.login.LoginException
SecurityService
logout
in interface SecurityService<java.util.UUID>
javax.security.auth.login.LoginException
protected void unregisterSubject(java.lang.Object securityIdentity)
public void associate(java.util.UUID securityIdentity) throws javax.security.auth.login.LoginException
SecurityService
associate
in interface SecurityService<java.util.UUID>
javax.security.auth.login.LoginException
public java.util.UUID disassociate()
SecurityService
disassociate
in interface SecurityService<java.util.UUID>
public boolean isCallerInRole(java.lang.String role)
SecurityService
isCallerInRole
in interface SecurityService<java.util.UUID>
public java.security.Principal getCallerPrincipal()
SecurityService
getCallerPrincipal
in interface SecurityService<java.util.UUID>
public boolean isCallerAuthorized(java.lang.reflect.Method method, InterfaceType type)
SecurityService
isCallerAuthorized
in interface SecurityService<java.util.UUID>
protected static java.lang.String autoJaccProvider()
protected static void installJacc()
protected javax.security.auth.Subject createSubject(java.lang.String name, java.lang.String groupName)
public java.lang.Object currentState()
currentState
in interface SecurityService<java.util.UUID>
public void setState(java.lang.Object o)
setState
in interface SecurityService<java.util.UUID>
protected AbstractSecurityService.SecurityContext getDefaultContext()