TomcatSecurityService

java.lang.Object
- org.apache.openejb.core.security.AbstractSecurityService
- - org.apache.tomee.catalina.TomcatSecurityService

All Implemented Interfaces:

DestroyableResource, BasicPolicyConfiguration.RoleResolver, ThreadContextListener, SecurityService<java.util.UUID>, Service
```
public class TomcatSecurityService
extends AbstractSecurityService
```

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

protected static class TomcatSecurityService.RunAsRole

static class TomcatSecurityService.TomcatUser
- Nested classes/interfaces inherited from class org.apache.openejb.core.security.AbstractSecurityService
  AbstractSecurityService.Group, AbstractSecurityService.Identity, AbstractSecurityService.ProvidedSecurityContext, AbstractSecurityService.SecurityContext, AbstractSecurityService.User

Nested Classes
Modifier and Type	Class and Description
`protected static class`	`TomcatSecurityService.RunAsRole`
`static class`	`TomcatSecurityService.TomcatUser`

Field Summary

Fields
Modifier and Type Field and Description

protected static java.lang.ThreadLocal<java.util.LinkedList<javax.security.auth.Subject>> RUN_AS_STACK
- Fields inherited from class org.apache.openejb.core.security.AbstractSecurityService
  clientIdentity, defaultContext, defaultSubject, defaultUser, KEY_REQUEST, KEY_SUBJECT, KEYS

Fields
Modifier and Type	Field and Description
`protected static java.lang.ThreadLocal<java.util.LinkedList<javax.security.auth.Subject>>`	`RUN_AS_STACK`

Constructor Summary

Constructors
Constructor and Description

TomcatSecurityService()

Constructors
Constructor and Description
`TomcatSecurityService()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected javax.security.auth.Subject`	`createRunAsSubject(java.lang.String role)`
`java.lang.Object`	`enterWebApp(Realm realm, java.security.Principal principal, java.lang.String runAs)`
`void`	`exitWebApp(java.lang.Object state)`
`java.security.Principal`	`getCallerPrincipal()` Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.
`java.lang.Object`	`getContext(java.lang.String key, java.lang.Object data)`
`protected AbstractSecurityService.SecurityContext`	`getDefaultSecurityContext()`
`java.lang.String[]`	`getKeys()`
`java.util.Set<java.lang.String>`	`getLogicalRoles(java.security.Principal[] principals, java.util.Set<java.lang.String> logicalRoles)`
`javax.security.auth.Subject`	`getRunAsSubject(BeanContext callingBeanContext)`
`boolean`	`isCallerInRole(java.lang.String role)` Active
`java.util.UUID`	`login(java.lang.String realmName, java.lang.String username, java.lang.String password)`
`void`	`onLogout(HttpServletRequest request)` Called when request.logout() is triggered.
`boolean`	`supports(java.lang.String key)`

Methods inherited from class org.apache.openejb.core.security.AbstractSecurityService
associate, autoJaccProvider, contextEntered, contextExited, createRunAsSubject, createSubject, currentState, destroyResource, disassociate, getDefaultUser, getPrincipalsByType, getProtectionDomain, getRealmName, getSubject, init, installJacc, isCallerAuthorized, login, logout, overrideWithRunAsContext, registerSubject, setDefaultUser, setRealmName, setState, unregisterSubject

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - RUN_AS_STACK
```
protected static final java.lang.ThreadLocal<java.util.LinkedList<javax.security.auth.Subject>> RUN_AS_STACK
```
- Constructor Detail
  - TomcatSecurityService
```
public TomcatSecurityService()
```
- Method Detail
  - isCallerInRole
```
public boolean isCallerInRole(java.lang.String role)
```
    Description copied from interface: SecurityService
    
    Active
    
    Specified by:
    
    isCallerInRole in interface SecurityService<java.util.UUID>
    
    Overrides:
    
    isCallerInRole in class AbstractSecurityService
  - login
```
public java.util.UUID login(java.lang.String realmName,
                            java.lang.String username,
                            java.lang.String password)
                     throws javax.security.auth.login.LoginException
```
    Throws:
    
    javax.security.auth.login.LoginException
  - getLogicalRoles
```
public java.util.Set<java.lang.String> getLogicalRoles(java.security.Principal[] principals,
                                                       java.util.Set<java.lang.String> logicalRoles)
```
    Specified by:
    
    getLogicalRoles in interface BasicPolicyConfiguration.RoleResolver
    
    Overrides:
    
    getLogicalRoles in class AbstractSecurityService
  - getCallerPrincipal
```
public java.security.Principal getCallerPrincipal()
```
    Description copied from interface: SecurityService
    
    Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.
    
    Specified by:
    
    getCallerPrincipal in interface SecurityService<java.util.UUID>
    
    Overrides:
    
    getCallerPrincipal in class AbstractSecurityService
  - enterWebApp
```
public java.lang.Object enterWebApp(Realm realm,
                                    java.security.Principal principal,
                                    java.lang.String runAs)
```
  - onLogout
```
public void onLogout(HttpServletRequest request)
```
    Description copied from interface: SecurityService
    
    Called when request.logout() is triggered. Intended to remove context propagation.
    
    Specified by:
    
    onLogout in interface SecurityService<java.util.UUID>
    
    Overrides:
    
    onLogout in class AbstractSecurityService
    
    Parameters:
    
    request - the http request triggering the logout.
  - exitWebApp
```
public void exitWebApp(java.lang.Object state)
```
  - getRunAsSubject
```
public javax.security.auth.Subject getRunAsSubject(BeanContext callingBeanContext)
```
    Overrides:
    
    getRunAsSubject in class AbstractSecurityService
  - createRunAsSubject
```
protected javax.security.auth.Subject createRunAsSubject(java.lang.String role)
```
  - getDefaultSecurityContext
```
protected AbstractSecurityService.SecurityContext getDefaultSecurityContext()
```
    Overrides:
    
    getDefaultSecurityContext in class AbstractSecurityService
  - supports
```
public boolean supports(java.lang.String key)
                 throws PolicyContextException
```
    Overrides:
    
    supports in class AbstractSecurityService
    
    Throws:
    
    PolicyContextException
  - getKeys
```
public java.lang.String[] getKeys()
                           throws PolicyContextException
```
    Overrides:
    
    getKeys in class AbstractSecurityService
    
    Throws:
    
    PolicyContextException
  - getContext
```
public java.lang.Object getContext(java.lang.String key,
                                   java.lang.Object data)
                            throws PolicyContextException
```
    Overrides:
    
    getContext in class AbstractSecurityService
    
    Throws:
    
    PolicyContextException

Class TomcatSecurityService

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.openejb.core.security.AbstractSecurityService

Field Summary

Fields inherited from class org.apache.openejb.core.security.AbstractSecurityService

Constructor Summary

Method Summary

Methods inherited from class org.apache.openejb.core.security.AbstractSecurityService

Methods inherited from class java.lang.Object

Field Detail

RUN_AS_STACK

Constructor Detail

TomcatSecurityService

Method Detail

isCallerInRole

login

getLogicalRoles

getCallerPrincipal

enterWebApp

onLogout

exitWebApp

getRunAsSubject

createRunAsSubject

getDefaultSecurityContext

supports

getKeys

getContext