org.apache.openejb.core.security
Class AbstractSecurityService

java.lang.Object
  extended by org.apache.openejb.core.security.AbstractSecurityService
All Implemented Interfaces:
BasicPolicyConfiguration.RoleResolver, ThreadContextListener, SecurityService<UUID>, Service
Direct Known Subclasses:
SecurityServiceImpl

public abstract class AbstractSecurityService
extends Object
implements SecurityService<UUID>, ThreadContextListener, BasicPolicyConfiguration.RoleResolver

This security service chooses a UUID as its token as this can be serialized to clients, is mostly secure, and can be deserialized in a client vm without addition openejb-core classes.


Nested Class Summary
static class AbstractSecurityService.Group
           
protected static class AbstractSecurityService.Identity
           
protected static class AbstractSecurityService.SecurityContext
           
static class AbstractSecurityService.User
           
 
Field Summary
protected static ThreadLocal<AbstractSecurityService.Identity> clientIdentity
           
protected  AbstractSecurityService.SecurityContext defaultContext
           
protected  Subject defaultSubject
           
protected  String defaultUser
           
 
Constructor Summary
AbstractSecurityService()
           
AbstractSecurityService(String jaccProvider)
           
 
Method Summary
 void associate(UUID securityIdentity)
          Active
 void contextEntered(ThreadContext oldContext, ThreadContext newContext)
          A new context has been entered.
 void contextExited(ThreadContext exitedContext, ThreadContext reenteredContext)
          A context has exited.
protected  Subject createRunAsSubject(String runAsRole)
           
protected  Subject createSubject(String name)
           
 UUID disassociate()
          Active
 Principal getCallerPrincipal()
          Active
 Set<String> getLogicalRoles(Principal[] principals, Set<String> logicalRoles)
           
 String getRealmName()
           
protected  Subject getRunAsSubject(CoreDeploymentInfo callingDeploymentInfo)
           
 void init(Properties props)
           
protected static void installJacc()
           
 boolean isCallerAuthorized(Method method, InterfaceType interfaceType)
          Active
 boolean isCallerInRole(String role)
          Active
 UUID login(String username, String password)
           
 void logout(UUID securityIdentity)
          Active
protected  UUID registerSubject(Subject subject)
           
 void setRealmName(String realmName)
           
protected  void unregisterSubject(Object securityIdentity)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.openejb.spi.SecurityService
login
 

Field Detail

clientIdentity

protected static final ThreadLocal<AbstractSecurityService.Identity> clientIdentity

defaultUser

protected final String defaultUser
See Also:
Constant Field Values

defaultSubject

protected final Subject defaultSubject

defaultContext

protected final AbstractSecurityService.SecurityContext defaultContext
Constructor Detail

AbstractSecurityService

public AbstractSecurityService()

AbstractSecurityService

public AbstractSecurityService(String jaccProvider)
Method Detail

getRealmName

public String getRealmName()

setRealmName

public void setRealmName(String realmName)

init

public void init(Properties props)
          throws Exception
Specified by:
init in interface Service
Throws:
Exception

login

public UUID login(String username,
                  String password)
           throws LoginException
Specified by:
login in interface SecurityService<UUID>
Throws:
LoginException

getLogicalRoles

public Set<String> getLogicalRoles(Principal[] principals,
                                   Set<String> logicalRoles)
Specified by:
getLogicalRoles in interface BasicPolicyConfiguration.RoleResolver

contextEntered

public void contextEntered(ThreadContext oldContext,
                           ThreadContext newContext)
Description copied from interface: ThreadContextListener
A new context has been entered. The new context is already associated with the thread.

Specified by:
contextEntered in interface ThreadContextListener
Parameters:
oldContext - the old context that was associated with the thread
newContext - the new context that is now associated with the thread

getRunAsSubject

protected Subject getRunAsSubject(CoreDeploymentInfo callingDeploymentInfo)

createRunAsSubject

protected Subject createRunAsSubject(String runAsRole)

contextExited

public void contextExited(ThreadContext exitedContext,
                          ThreadContext reenteredContext)
Description copied from interface: ThreadContextListener
A context has exited. The reentered context is already associated with the thread.

Specified by:
contextExited in interface ThreadContextListener
Parameters:
exitedContext - the context that was exited
reenteredContext - the context that is not associated with the thread

registerSubject

protected UUID registerSubject(Subject subject)

logout

public void logout(UUID securityIdentity)
            throws LoginException
Description copied from interface: SecurityService
Active

Specified by:
logout in interface SecurityService<UUID>
Throws:
LoginException

unregisterSubject

protected void unregisterSubject(Object securityIdentity)

associate

public void associate(UUID securityIdentity)
               throws LoginException
Description copied from interface: SecurityService
Active

Specified by:
associate in interface SecurityService<UUID>
Throws:
LoginException

disassociate

public UUID disassociate()
Description copied from interface: SecurityService
Active

Specified by:
disassociate in interface SecurityService<UUID>

isCallerInRole

public boolean isCallerInRole(String role)
Description copied from interface: SecurityService
Active

Specified by:
isCallerInRole in interface SecurityService<UUID>

getCallerPrincipal

public Principal getCallerPrincipal()
Description copied from interface: SecurityService
Active

Specified by:
getCallerPrincipal in interface SecurityService<UUID>

isCallerAuthorized

public boolean isCallerAuthorized(Method method,
                                  InterfaceType interfaceType)
Description copied from interface: SecurityService
Active

Specified by:
isCallerAuthorized in interface SecurityService<UUID>

installJacc

protected static void installJacc()

createSubject

protected Subject createSubject(String name)


Copyright © 1999-2011 The Apache OpenEJB development community. All Rights Reserved.