SecurityService

All Superinterfaces:

Service

All Known Implementing Classes:

AbstractSecurityService, PseudoSecurityService, SecurityServiceImpl, TomcatSecurityService
```
public interface SecurityService<T>
extends Service
```
The generic value T is any serializable token of the SecurityService implementations choosing. This token only needs to be understandable by the SecurityService internally and need not be a publicly usable class type. No part of the outlying system will make any assumptions as to the type of the object. The use of a java generic type is to express the required symmetry in the interface.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`void`	`associate(T securityIdentity)` Active
`java.lang.Object`	`currentState()`
`T`	`disassociate()` Active
`java.security.Principal`	`getCallerPrincipal()` Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.
`<P extends java.security.Principal> java.util.Set<P>`	`getPrincipalsByType(java.lang.Class<P> pType)`
`java.security.ProtectionDomain`	`getProtectionDomain()`
`boolean`	`isCallerAuthorized(java.lang.reflect.Method method, InterfaceType type)` Active
`boolean`	`isCallerInRole(java.lang.String role)` Active
`T`	`login(java.lang.String user, java.lang.String pass)`
`T`	`login(java.lang.String securityRealm, java.lang.String user, java.lang.String pass)`
`void`	`logout(T securityIdentity)` Active
`void`	`onLogout(HttpServletRequest request)` Called when request.logout() is triggered.
`void`	`setState(java.lang.Object o)`

Methods inherited from interface org.apache.openejb.spi.Service
init

Method Detail

login

T login(java.lang.String user,
        java.lang.String pass)
 throws javax.security.auth.login.LoginException

Throws:: javax.security.auth.login.LoginException

login

T login(java.lang.String securityRealm,
        java.lang.String user,
        java.lang.String pass)
 throws javax.security.auth.login.LoginException

Throws:: javax.security.auth.login.LoginException

associate

void associate(T securityIdentity)
        throws javax.security.auth.login.LoginException

Active

Throws:: javax.security.auth.login.LoginException

disassociate
```
T disassociate()
```
Active

logout

void logout(T securityIdentity)
     throws javax.security.auth.login.LoginException

Active

Throws:: javax.security.auth.login.LoginException

isCallerInRole

boolean isCallerInRole(java.lang.String role)

Active

getCallerPrincipal
```
java.security.Principal getCallerPrincipal()
```
Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.

getPrincipalsByType

<P extends java.security.Principal> java.util.Set<P> getPrincipalsByType(java.lang.Class<P> pType)

getProtectionDomain

java.security.ProtectionDomain getProtectionDomain()

isCallerAuthorized

boolean isCallerAuthorized(java.lang.reflect.Method method,
                           InterfaceType type)

Active

setState
```
void setState(java.lang.Object o)
```

currentState
```
java.lang.Object currentState()
```

onLogout
```
void onLogout(HttpServletRequest request)
```
Called when request.logout() is triggered. Intended to remove context propagation.

Parameters:

request - the http request triggering the logout.

Interface SecurityService<T>

Method Summary

Methods inherited from interface org.apache.openejb.spi.Service

Method Detail

login

login

associate

disassociate

logout

isCallerInRole

getCallerPrincipal

getPrincipalsByType

getProtectionDomain

isCallerAuthorized

setState

currentState

onLogout