|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.jboss.security.plugins.auth.SynchronizedJaasSecurityManager
public class SynchronizedJaasSecurityManager
The JaasSecurityManager is responsible both for authenticating credentials associated with principals and for role mapping. This implementation relies on the JAAS LoginContext/LoginModules associated with the security domain name associated with the class for authentication, and the context JAAS Subject object for role mapping.
isValid(Principal, Object, Subject)
,
getPrincipal(Principal)
,
doesUserHaveRole(Principal, Set)
Field Summary | |
---|---|
protected org.jboss.logging.Logger |
log
The log4j category for the security manager domain |
protected boolean |
trace
|
Constructor Summary | |
---|---|
SynchronizedJaasSecurityManager()
Creates a default JaasSecurityManager for with a securityDomain name of 'other'. |
|
SynchronizedJaasSecurityManager(String securityDomain,
CallbackHandler handler)
Creates a JaasSecurityManager for with a securityDomain name of that given by the 'securityDomain' argument. |
Method Summary | |
---|---|
boolean |
doesUserHaveRole(Principal principal,
Set<Principal> rolePrincipals)
Does the current Subject have a role(a Principal) that equates to one of the role names. |
void |
flushCache()
Not really used anymore as the security manager service manages the security domain authentication caches. |
Subject |
getActiveSubject()
Get the currently authenticated Subject. |
Principal |
getPrincipal(Principal principal)
Map the argument principal from the deployment environment principal to the developer environment. |
String |
getSecurityDomain()
Get the name of the security domain associated with this security mgr. |
Principal |
getTargetPrincipal(Principal anotherDomainPrincipal,
Map<String,Object> contextMap)
|
Set<Principal> |
getUserRoles(Principal principal)
Return the set of domain roles the current active Subject 'Roles' group found in the subject Principals set. |
boolean |
isValid(Principal principal,
Object credential)
Validate that the given credential is correct for principal. |
boolean |
isValid(Principal principal,
Object credential,
Subject activeSubject)
Validate that the given credential is correct for principal. |
void |
setCachePolicy(org.jboss.util.CachePolicy domainCache)
The domainCache is typically a shared object that is populated by the login code(LoginModule, etc.) and read by this class in the isValid() method. |
void |
setDeepCopySubjectOption(Boolean flag)
Flag to specify if deep copy of subject sets needs to be enabled |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected org.jboss.logging.Logger log
protected boolean trace
Constructor Detail |
---|
public SynchronizedJaasSecurityManager()
public SynchronizedJaasSecurityManager(String securityDomain, CallbackHandler handler)
securityDomain
- the name of the security domainhandler
- the JAAS callback handler instance to use
UndeclaredThrowableException
- thrown if handler does not
implement a setSecurityInfo(Princpal, Object) methodMethod Detail |
---|
public void setCachePolicy(org.jboss.util.CachePolicy domainCache)
isValid(Principal, Object, Subject)
public void setDeepCopySubjectOption(Boolean flag)
flag
- public void flushCache()
public String getSecurityDomain()
getSecurityDomain
in interface org.jboss.security.BaseSecurityManager
public Subject getActiveSubject()
getActiveSubject
in interface org.jboss.security.AuthenticationManager
public boolean isValid(Principal principal, Object credential)
isValid
in interface org.jboss.security.AuthenticationManager
principal
- - the security domain principal attempting accesscredential
- - the proof of identity offered by the principal
public boolean isValid(Principal principal, Object credential, Subject activeSubject)
isValid
in interface org.jboss.security.AuthenticationManager
principal
- - the security domain principal attempting accesscredential
- the proof of identity offered by the principalactiveSubject
- - if not null, a Subject that will be populated with
the state of the authenticated Subject.
public Principal getPrincipal(Principal principal)
getPrincipal
in interface org.jboss.security.RealmMapping
public boolean doesUserHaveRole(Principal principal, Set<Principal> rolePrincipals)
doesUserHaveRole
in interface org.jboss.security.RealmMapping
principal
- - ignored. The current authenticated Subject determines
the active user and assigned user roles.rolePrincipals
- - a Set of Principals for the roles to check.Group;
,
Subject.getPrincipals()
public Set<Principal> getUserRoles(Principal principal)
getUserRoles
in interface org.jboss.security.RealmMapping
principal
- - ignored. The current authenticated Subject determines
the active user and assigned user roles.
public Principal getTargetPrincipal(Principal anotherDomainPrincipal, Map<String,Object> contextMap)
getTargetPrincipal
in interface org.jboss.security.AuthenticationManager
AuthenticationManager.getTargetPrincipal(Principal,Map)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |