org.apache.openejb.client
Class ClientSecurity

java.lang.Object
  extended by org.apache.openejb.client.ClientSecurity

public class ClientSecurity
extends java.lang.Object


Nested Class Summary
static class ClientSecurity.SimpleIdentityResolver
           
 
Field Summary
static java.lang.String IDENTITY_RESOLVER_STRATEGY
           
 
Method Summary
static java.lang.Object directAuthentication(java.lang.String username, java.lang.String password, ServerMetaData server)
          This is a helper method for login modules.
static java.lang.Object directAuthentication(java.lang.String securityRealm, java.lang.String username, java.lang.String password, ServerMetaData server)
           
static java.lang.Object getIdentity()
           
static IdentityResolver getIdentityResolver()
           
static ServerMetaData getServer()
           
static void login(java.lang.String username, java.lang.String password)
          Login the spedified user using the specified password.
static void login(java.lang.String username, java.lang.String password, boolean threadScoped)
          Login the spedified user using the specified password either globally for the entire Java Virtural Machine or scoped to the thread.
static void logout()
          Clears the thread and global login data.
static void setIdentityResolver(IdentityResolver identityResolver)
           
static void setServer(ServerMetaData server)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

IDENTITY_RESOLVER_STRATEGY

public static final java.lang.String IDENTITY_RESOLVER_STRATEGY
See Also:
Constant Field Values
Method Detail

getServer

public static ServerMetaData getServer()

setServer

public static void setServer(ServerMetaData server)

login

public static void login(java.lang.String username,
                         java.lang.String password)
                  throws javax.security.auth.login.FailedLoginException
Login the spedified user using the specified password. This is a global login for the entire Java Virtural Machine. If you would like to have a thread scoped login, use ClientSecurity.login(username, password, true);

This is the equivalent of ClientSecurity.login(username, password, false);

Parameters:
username - the user to login
password - the password for the user
Throws:
javax.security.auth.login.FailedLoginException - if the username and password combination are not valid or if there is a problem communiating with the server

login

public static void login(java.lang.String username,
                         java.lang.String password,
                         boolean threadScoped)
                  throws javax.security.auth.login.FailedLoginException
Login the spedified user using the specified password either globally for the entire Java Virtural Machine or scoped to the thread.

When using thread scoped login, you should logout in a finally block. This particularly when using thread pools. If a thread is returned to the pool with a login attached to the thread the next user of that thread will inherit the thread scoped login.

Parameters:
username - the user to login
password - the password for the user
threadScoped - if true the login is scoped to the thread; otherwise the login is global for the entire Java Virtural Machine
Throws:
javax.security.auth.login.FailedLoginException - if the username and password combination are not valid or if there is a problem communiating with the server

logout

public static void logout()
Clears the thread and global login data.


directAuthentication

public static java.lang.Object directAuthentication(java.lang.String username,
                                                    java.lang.String password,
                                                    ServerMetaData server)
                                             throws javax.security.auth.login.FailedLoginException
This is a helper method for login modules. Directly authenticates with the server using the specified username and password returning the identity token for the client. This methods does not store the identity token and the caller must arrange for the to be available to the OpenEJB proxies via an IdentityResolver.

Parameters:
username - the username for authentication
password - the password for authentication
server -
Returns:
the client identity token
Throws:
javax.security.auth.login.FailedLoginException - if the username password combination is not valid

directAuthentication

public static java.lang.Object directAuthentication(java.lang.String securityRealm,
                                                    java.lang.String username,
                                                    java.lang.String password,
                                                    ServerMetaData server)
                                             throws javax.security.auth.login.FailedLoginException
Throws:
javax.security.auth.login.FailedLoginException

getIdentity

public static java.lang.Object getIdentity()

getIdentityResolver

public static IdentityResolver getIdentityResolver()

setIdentityResolver

public static void setIdentityResolver(IdentityResolver identityResolver)


Copyright © 1999-2011 The Apache OpenEJB development community. All Rights Reserved.