AbstractSecurityService

java.lang.Object
- org.apache.openejb.core.security.AbstractSecurityService

All Implemented Interfaces:

DestroyableResource, BasicPolicyConfiguration.RoleResolver, ThreadContextListener, SecurityService<java.util.UUID>, Service

Direct Known Subclasses:

SecurityServiceImpl, TomcatSecurityService
```
public abstract class AbstractSecurityService
extends java.lang.Object
implements DestroyableResource, SecurityService<java.util.UUID>, ThreadContextListener, BasicPolicyConfiguration.RoleResolver
```
This security service chooses a UUID as its token as this can be serialized to clients, is mostly secure, and can be deserialized in a client vm without addition openejb-core classes.

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`static class`	`AbstractSecurityService.Group`
`protected static class`	`AbstractSecurityService.Identity`
`static class`	`AbstractSecurityService.ProvidedSecurityContext`
`static class`	`AbstractSecurityService.SecurityContext`
`static class`	`AbstractSecurityService.User`

Field Summary

Fields
Modifier and Type	Field and Description
`protected static java.lang.ThreadLocal<AbstractSecurityService.Identity>`	`clientIdentity`
`protected AbstractSecurityService.SecurityContext`	`defaultContext`
`protected javax.security.auth.Subject`	`defaultSubject`
`protected java.lang.String`	`defaultUser`

Constructor Summary

Constructors
Constructor and Description

AbstractSecurityService()

AbstractSecurityService(java.lang.String jaccProvider)

Constructors
Constructor and Description
`AbstractSecurityService()`
`AbstractSecurityService(java.lang.String jaccProvider)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`associate(java.util.UUID securityIdentity)` Active
`protected static java.lang.String`	`autoJaccProvider()`
`void`	`contextEntered(ThreadContext oldContext, ThreadContext newContext)` A new context has been entered.
`void`	`contextExited(ThreadContext exitedContext, ThreadContext reenteredContext)` A context has exited.
`protected javax.security.auth.Subject`	`createRunAsSubject(java.lang.String runAsUser, java.lang.String runAsRole)`
`protected javax.security.auth.Subject`	`createSubject(java.lang.String name, java.lang.String groupName)`
`java.lang.Object`	`currentState()`
`void`	`destroyResource()`
`java.util.UUID`	`disassociate()` Active
`java.security.Principal`	`getCallerPrincipal()` Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.
`protected AbstractSecurityService.SecurityContext`	`getDefaultContext()`
`java.lang.String`	`getDefaultUser()`
`java.util.Set<java.lang.String>`	`getLogicalRoles(java.security.Principal[] principals, java.util.Set<java.lang.String> logicalRoles)`
`java.lang.String`	`getRealmName()`
`javax.security.auth.Subject`	`getRunAsSubject(BeanContext callingBeanContext)`
`void`	`init(java.util.Properties props)`
`protected static void`	`installJacc()`
`boolean`	`isCallerAuthorized(java.lang.reflect.Method method, InterfaceType type)` Active
`boolean`	`isCallerInRole(java.lang.String role)` Active
`java.util.UUID`	`login(java.lang.String username, java.lang.String password)`
`void`	`logout(java.util.UUID securityIdentity)` Active
`void`	`onLogout(HttpServletRequest request)` Called when request.logout() is triggered.
`java.util.UUID`	`overrideWithRunAsContext(ThreadContext ctx, BeanContext newContext, BeanContext oldContext)`
`protected java.util.UUID`	`registerSubject(javax.security.auth.Subject subject)`
`void`	`setDefaultUser(java.lang.String defaultUser)`
`void`	`setRealmName(java.lang.String realmName)`
`void`	`setState(java.lang.Object o)`
`protected void`	`unregisterSubject(java.lang.Object securityIdentity)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.openejb.spi.SecurityService
login

Field Detail

clientIdentity

protected static final java.lang.ThreadLocal<AbstractSecurityService.Identity> clientIdentity

defaultUser
```
protected java.lang.String defaultUser
```

defaultSubject

protected javax.security.auth.Subject defaultSubject

defaultContext

protected AbstractSecurityService.SecurityContext defaultContext

Constructor Detail

AbstractSecurityService
```
public AbstractSecurityService()
```

AbstractSecurityService

public AbstractSecurityService(java.lang.String jaccProvider)

Method Detail
- destroyResource
```
public void destroyResource()
```
  Specified by:
  
  destroyResource in interface DestroyableResource
- onLogout
```
public void onLogout(HttpServletRequest request)
```
  Description copied from interface: SecurityService
  
  Called when request.logout() is triggered. Intended to remove context propagation.
  
  Specified by:
  
  onLogout in interface SecurityService<java.util.UUID>
  
  Parameters:
  
  request - the http request triggering the logout.
- getRealmName
```
public java.lang.String getRealmName()
```
- setRealmName
```
public void setRealmName(java.lang.String realmName)
```
- getDefaultUser
```
public java.lang.String getDefaultUser()
```
  Returns:
  
  the defaultUser
- setDefaultUser
```
public void setDefaultUser(java.lang.String defaultUser)
```
  Parameters:
  
  defaultUser - the defaultUser to set
- init
```
public void init(java.util.Properties props)
          throws java.lang.Exception
```
  Specified by:
  
  init in interface Service
  
  Throws:
  
  java.lang.Exception
- login
```
public java.util.UUID login(java.lang.String username,
                            java.lang.String password)
                     throws javax.security.auth.login.LoginException
```
  Specified by:
  
  login in interface SecurityService<java.util.UUID>
  
  Throws:
  
  javax.security.auth.login.LoginException
- getLogicalRoles
```
public java.util.Set<java.lang.String> getLogicalRoles(java.security.Principal[] principals,
                                                       java.util.Set<java.lang.String> logicalRoles)
```
  Specified by:
  
  getLogicalRoles in interface BasicPolicyConfiguration.RoleResolver
- contextEntered
```
public void contextEntered(ThreadContext oldContext,
                           ThreadContext newContext)
```
  Description copied from interface: ThreadContextListener
  
  A new context has been entered. The new context is already associated with the thread.
  
  Specified by:
  
  contextEntered in interface ThreadContextListener
  
  Parameters:
  
  oldContext - the old context that was associated with the thread
  
  newContext - the new context that is now associated with the thread
- overrideWithRunAsContext
```
public java.util.UUID overrideWithRunAsContext(ThreadContext ctx,
                                               BeanContext newContext,
                                               BeanContext oldContext)
```
- getRunAsSubject
```
public javax.security.auth.Subject getRunAsSubject(BeanContext callingBeanContext)
```
- createRunAsSubject
```
protected javax.security.auth.Subject createRunAsSubject(java.lang.String runAsUser,
                                                         java.lang.String runAsRole)
```
- contextExited
```
public void contextExited(ThreadContext exitedContext,
                          ThreadContext reenteredContext)
```
  Description copied from interface: ThreadContextListener
  
  A context has exited. The reentered context is already associated with the thread.
  
  Specified by:
  
  contextExited in interface ThreadContextListener
  
  Parameters:
  
  exitedContext - the context that was exited
  
  reenteredContext - the context that is not associated with the thread
- registerSubject
```
protected java.util.UUID registerSubject(javax.security.auth.Subject subject)
```
- logout
```
public void logout(java.util.UUID securityIdentity)
            throws javax.security.auth.login.LoginException
```
  Description copied from interface: SecurityService
  
  Active
  
  Specified by:
  
  logout in interface SecurityService<java.util.UUID>
  
  Throws:
  
  javax.security.auth.login.LoginException
- unregisterSubject
```
protected void unregisterSubject(java.lang.Object securityIdentity)
```
- associate
```
public void associate(java.util.UUID securityIdentity)
               throws javax.security.auth.login.LoginException
```
  Description copied from interface: SecurityService
  
  Active
  
  Specified by:
  
  associate in interface SecurityService<java.util.UUID>
  
  Throws:
  
  javax.security.auth.login.LoginException
- disassociate
```
public java.util.UUID disassociate()
```
  Description copied from interface: SecurityService
  
  Active
  
  Specified by:
  
  disassociate in interface SecurityService<java.util.UUID>
- isCallerInRole
```
public boolean isCallerInRole(java.lang.String role)
```
  Description copied from interface: SecurityService
  
  Active
  
  Specified by:
  
  isCallerInRole in interface SecurityService<java.util.UUID>
- getCallerPrincipal
```
public java.security.Principal getCallerPrincipal()
```
  Description copied from interface: SecurityService
  
  Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal
  JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.
  
  Specified by:
  
  getCallerPrincipal in interface SecurityService<java.util.UUID>
- isCallerAuthorized
```
public boolean isCallerAuthorized(java.lang.reflect.Method method,
                                  InterfaceType type)
```
  Description copied from interface: SecurityService
  
  Active
  
  Specified by:
  
  isCallerAuthorized in interface SecurityService<java.util.UUID>
- autoJaccProvider
```
protected static java.lang.String autoJaccProvider()
```
- installJacc
```
protected static void installJacc()
```
- createSubject
```
protected javax.security.auth.Subject createSubject(java.lang.String name,
                                                    java.lang.String groupName)
```
- currentState
```
public java.lang.Object currentState()
```
  Specified by:
  
  currentState in interface SecurityService<java.util.UUID>
- setState
```
public void setState(java.lang.Object o)
```
  Specified by:
  
  setState in interface SecurityService<java.util.UUID>
- getDefaultContext
```
protected AbstractSecurityService.SecurityContext getDefaultContext()
```

Class AbstractSecurityService

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.apache.openejb.spi.SecurityService

Field Detail

clientIdentity

defaultUser

defaultSubject

defaultContext

Constructor Detail

AbstractSecurityService

AbstractSecurityService

Method Detail

destroyResource

onLogout

getRealmName

setRealmName

getDefaultUser

setDefaultUser

init

login

getLogicalRoles

contextEntered

overrideWithRunAsContext

getRunAsSubject

createRunAsSubject

contextExited

registerSubject

logout

unregisterSubject

associate

disassociate

isCallerInRole

getCallerPrincipal

isCallerAuthorized

autoJaccProvider

installJacc

createSubject

currentState

setState

getDefaultContext