Field Detail

• KEY_SUBJECT

  protected static final java.lang.String KEY_SUBJECT

  See Also:

  Constant Field Values

• KEY_REQUEST

  protected static final java.lang.String KEY_REQUEST

  See Also:

  Constant Field Values

• KEYS

  protected static final java.util.Set<java.lang.String> KEYS

• clientIdentity

  protected static final java.lang.ThreadLocal<AbstractSecurityService.Identity> clientIdentity

• defaultUser

  protected java.lang.String defaultUser

• defaultSubject

  protected javax.security.auth.Subject defaultSubject

• defaultContext

  protected AbstractSecurityService.SecurityContext defaultContext

Constructor Detail

• AbstractSecurityService

  public AbstractSecurityService()

• AbstractSecurityService

  public AbstractSecurityService(java.lang.String jaccProvider)

Method Detail

• destroyResource

  public void destroyResource()

  Specified by:

  destroyResource in interface DestroyableResource

• onLogout

  public void onLogout(HttpServletRequest request)

  Description copied from interface: SecurityService
  Called when request.logout() is triggered. Intended to remove context propagation.

  Specified by:

  onLogout in interface SecurityService<java.util.UUID>

  Parameters:

  request - the http request triggering the logout.

• getRealmName

  public java.lang.String getRealmName()

• setRealmName

  public void setRealmName(java.lang.String realmName)

• getDefaultUser

  public java.lang.String getDefaultUser()

  Returns:

  the defaultUser

• setDefaultUser

  public void setDefaultUser(java.lang.String defaultUser)

  Parameters:

  defaultUser - the defaultUser to set

• init

  public void init(java.util.Properties props)
            throws java.lang.Exception

  Specified by:

  init in interface Service

  Throws:

  java.lang.Exception

• login

  public java.util.UUID login(java.lang.String username,
                              java.lang.String password)
                       throws javax.security.auth.login.LoginException

  Specified by:

  login in interface SecurityService<java.util.UUID>

  Throws:

  javax.security.auth.login.LoginException

• getLogicalRoles

  public java.util.Set<java.lang.String> getLogicalRoles(java.security.Principal[] principals,
                                                         java.util.Set<java.lang.String> logicalRoles)

  Specified by:

  getLogicalRoles in interface BasicPolicyConfiguration.RoleResolver

• contextEntered

  public void contextEntered(ThreadContext oldContext,
                             ThreadContext newContext)

  Description copied from interface: ThreadContextListener
  A new context has been entered. The new context is already associated with the thread.

  Specified by:

  contextEntered in interface ThreadContextListener

  Parameters:

  oldContext - the old context that was associated with the thread

  newContext - the new context that is now associated with the thread

• overrideWithRunAsContext

  public java.util.UUID overrideWithRunAsContext(ThreadContext ctx,
                                                 BeanContext newContext,
                                                 BeanContext oldContext)

• getRunAsSubject

  public javax.security.auth.Subject getRunAsSubject(BeanContext callingBeanContext)

• createRunAsSubject

  protected javax.security.auth.Subject createRunAsSubject(java.lang.String runAsUser,
                                                           java.lang.String runAsRole)

• contextExited

  public void contextExited(ThreadContext exitedContext,
                            ThreadContext reenteredContext)

  Description copied from interface: ThreadContextListener
  A context has exited. The reentered context is already associated with the thread.

  Specified by:

  contextExited in interface ThreadContextListener

  Parameters:

  exitedContext - the context that was exited

  reenteredContext - the context that is not associated with the thread

• registerSubject

  protected java.util.UUID registerSubject(javax.security.auth.Subject subject)

• logout

  public void logout(java.util.UUID securityIdentity)
              throws javax.security.auth.login.LoginException

  Description copied from interface: SecurityService
  Active

  Specified by:

  logout in interface SecurityService<java.util.UUID>

  Throws:

  javax.security.auth.login.LoginException

• unregisterSubject

  protected void unregisterSubject(java.lang.Object securityIdentity)

• associate

  public void associate(java.util.UUID securityIdentity)
                 throws javax.security.auth.login.LoginException

  Description copied from interface: SecurityService
  Active

  Specified by:

  associate in interface SecurityService<java.util.UUID>

  Throws:

  javax.security.auth.login.LoginException

• disassociate

  public java.util.UUID disassociate()

  Description copied from interface: SecurityService
  Active

  Specified by:

  disassociate in interface SecurityService<java.util.UUID>

• isCallerInRole

  public boolean isCallerInRole(java.lang.String role)

  Description copied from interface: SecurityService
  Active

  Specified by:

  isCallerInRole in interface SecurityService<java.util.UUID>

• getSubject

  protected javax.security.auth.Subject getSubject()

• getPrincipalsByType

  public <P extends java.security.Principal> java.util.Set<P> getPrincipalsByType(java.lang.Class<P> pType)

  Specified by:

  getPrincipalsByType in interface SecurityService<java.util.UUID>

• getProtectionDomain

  public java.security.ProtectionDomain getProtectionDomain()

  Specified by:

  getProtectionDomain in interface SecurityService<java.util.UUID>

• getCallerPrincipal

  public java.security.Principal getCallerPrincipal()

  Description copied from interface: SecurityService
  Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.

  Specified by:

  getCallerPrincipal in interface SecurityService<java.util.UUID>

• isCallerAuthorized

  public boolean isCallerAuthorized(java.lang.reflect.Method method,
                                    InterfaceType type)

  Description copied from interface: SecurityService
  Active

  Specified by:

  isCallerAuthorized in interface SecurityService<java.util.UUID>

• autoJaccProvider

  protected static java.lang.String autoJaccProvider()

• installJacc

  protected static void installJacc()

• createSubject

  protected javax.security.auth.Subject createSubject(java.lang.String name,
                                                      java.lang.String groupName)

• currentState

  public java.lang.Object currentState()

  Specified by:

  currentState in interface SecurityService<java.util.UUID>

• setState

  public void setState(java.lang.Object o)

  Specified by:

  setState in interface SecurityService<java.util.UUID>

• getDefaultSecurityContext

  protected AbstractSecurityService.SecurityContext getDefaultSecurityContext()

• supports

  public boolean supports(java.lang.String key)
                   throws PolicyContextException

  Throws:

  PolicyContextException

• getKeys

  public java.lang.String[] getKeys()
                             throws PolicyContextException

  Throws:

  PolicyContextException

• getContext

  public java.lang.Object getContext(java.lang.String key,
                                     java.lang.Object data)
                              throws PolicyContextException

  Throws:

  PolicyContextException