public class TomcatSecurityService extends AbstractSecurityService
| Modifier and Type | Class and Description |
|---|---|
protected static class |
TomcatSecurityService.RunAsRole |
static class |
TomcatSecurityService.TomcatUser |
AbstractSecurityService.Group, AbstractSecurityService.Identity, AbstractSecurityService.ProvidedSecurityContext, AbstractSecurityService.SecurityContext, AbstractSecurityService.User| Modifier and Type | Field and Description |
|---|---|
protected static java.lang.ThreadLocal<java.util.LinkedList<javax.security.auth.Subject>> |
runAsStack |
clientIdentity, defaultContext, defaultSubject, defaultUser| Constructor and Description |
|---|
TomcatSecurityService() |
| Modifier and Type | Method and Description |
|---|---|
protected javax.security.auth.Subject |
createRunAsSubject(java.lang.String role) |
java.lang.Object |
enterWebApp(Realm realm,
java.security.Principal principal,
java.lang.String runAs) |
void |
exitWebApp(java.lang.Object state) |
java.security.Principal |
getCallerPrincipal()
Implementors are encouraged to return a java.security.Principal
object that implements org.apache.openejb.spi.CallerPrincipal
JAAS LoginModule implementors are encouraged to use the CallerPrincipal
interface to denote the best fitting Principal for getCallerPrincipal.
|
protected AbstractSecurityService.SecurityContext |
getDefaultContext() |
java.util.Set<java.lang.String> |
getLogicalRoles(java.security.Principal[] principals,
java.util.Set<java.lang.String> logicalRoles) |
javax.security.auth.Subject |
getRunAsSubject(BeanContext callingBeanContext) |
boolean |
isCallerInRole(java.lang.String role)
Active
|
java.util.UUID |
login(java.lang.String realmName,
java.lang.String username,
java.lang.String password) |
void |
onLogout(HttpServletRequest request)
Called when request.logout() is triggered.
|
associate, autoJaccProvider, contextEntered, contextExited, createRunAsSubject, createSubject, currentState, destroyResource, disassociate, getDefaultUser, getRealmName, init, installJacc, isCallerAuthorized, login, logout, overrideWithRunAsContext, registerSubject, setDefaultUser, setRealmName, setState, unregisterSubjectprotected static final java.lang.ThreadLocal<java.util.LinkedList<javax.security.auth.Subject>> runAsStack
public boolean isCallerInRole(java.lang.String role)
SecurityServiceisCallerInRole in interface SecurityService<java.util.UUID>isCallerInRole in class AbstractSecurityServicepublic java.util.UUID login(java.lang.String realmName,
java.lang.String username,
java.lang.String password)
throws javax.security.auth.login.LoginException
javax.security.auth.login.LoginExceptionpublic java.util.Set<java.lang.String> getLogicalRoles(java.security.Principal[] principals,
java.util.Set<java.lang.String> logicalRoles)
getLogicalRoles in interface BasicPolicyConfiguration.RoleResolvergetLogicalRoles in class AbstractSecurityServicepublic java.security.Principal getCallerPrincipal()
SecurityServicegetCallerPrincipal in interface SecurityService<java.util.UUID>getCallerPrincipal in class AbstractSecurityServicepublic java.lang.Object enterWebApp(Realm realm,
java.security.Principal principal,
java.lang.String runAs)
public void onLogout(HttpServletRequest request)
SecurityServiceonLogout in interface SecurityService<java.util.UUID>onLogout in class AbstractSecurityServicerequest - the http request triggering the logout.public void exitWebApp(java.lang.Object state)
public javax.security.auth.Subject getRunAsSubject(BeanContext callingBeanContext)
getRunAsSubject in class AbstractSecurityServiceprotected javax.security.auth.Subject createRunAsSubject(java.lang.String role)
protected AbstractSecurityService.SecurityContext getDefaultContext()
getDefaultContext in class AbstractSecurityService