org.apache.openejb.core.security
Class AbstractSecurityService

java.lang.Object
  extended by org.apache.openejb.core.security.AbstractSecurityService
All Implemented Interfaces:
BasicPolicyConfiguration.RoleResolver, ThreadContextListener, SecurityService<java.util.UUID>, Service
Direct Known Subclasses:
SecurityServiceImpl

public abstract class AbstractSecurityService
extends java.lang.Object
implements SecurityService<java.util.UUID>, ThreadContextListener, BasicPolicyConfiguration.RoleResolver

This security service uses a UUID as its token because a UUID can be serialized to clients, is mostly secure, and can be deserialized in a client VM without additional openejb-core classes.
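The token pattern described above, as an added example that is not OpenEJB's code: a server-side registry maps random UUIDs to JAAS Subjects, so only the opaque UUID is handed to the client. The class name TokenRegistry, its fields and the use of UUID.randomUUID() are assumptions; only the method names mirror the signatures listed on this page.

```java
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;

// Hypothetical model of a UUID-token security service; not OpenEJB code.
public class TokenRegistry {
    private final Map<UUID, Subject> subjects = new ConcurrentHashMap<>();
    private static final ThreadLocal<UUID> current = new ThreadLocal<>();

    // Assumption: tokens come from UUID.randomUUID(), which draws 122 random
    // bits from SecureRandom, so a token carries no identity data of its own.
    public UUID registerSubject(Subject subject) {
        UUID token = UUID.randomUUID();
        subjects.put(token, subject);
        return token;
    }

    // Bind a token to the calling thread; unknown or logged-out tokens fail closed.
    public void associate(UUID token) throws LoginException {
        if (token == null || !subjects.containsKey(token)) {
            throw new LoginException("Security identity is not registered");
        }
        current.set(token);
    }

    // Clear the thread binding and return what was bound (null if nothing was).
    public UUID disassociate() {
        UUID token = current.get();
        current.remove();
        return token;
    }

    // Logout invalidates the token server-side; later associate() calls fail.
    public void logout(UUID token) {
        subjects.remove(token);
    }

    public static void main(String[] args) throws Exception {
        TokenRegistry registry = new TokenRegistry();
        UUID token = registry.registerSubject(new Subject()); // constructed sample subject
        registry.associate(token);
        System.out.println("bound: " + token.equals(registry.disassociate()));
        registry.logout(token);
        try { registry.associate(token); }
        catch (LoginException e) { System.out.println("rejected after logout"); }
    }
}
```

Because the token is the only credential the client holds, it needs the same handling as a session identifier: transport protection, and server-side removal on logout as shown.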


Nested Class Summary
static class AbstractSecurityService.Group
           
protected static class AbstractSecurityService.Identity
           
protected static class AbstractSecurityService.SecurityContext
           
static class AbstractSecurityService.User
           
 
Field Summary
protected static java.lang.ThreadLocal<AbstractSecurityService.Identity> clientIdentity
           
protected  AbstractSecurityService.SecurityContext defaultContext
           
protected  javax.security.auth.Subject defaultSubject
           
protected  java.lang.String defaultUser
           
 
Constructor Summary
AbstractSecurityService()
           
AbstractSecurityService(java.lang.String jaccProvider)
           
 
Method Summary
 void associate(java.util.UUID securityIdentity)
          Active
 void contextEntered(ThreadContext oldContext, ThreadContext newContext)
          A new context has been entered.
 void contextExited(ThreadContext exitedContext, ThreadContext reenteredContext)
          A context has exited.
protected  javax.security.auth.Subject createRunAsSubject(java.lang.String runAsRole)
           
protected  javax.security.auth.Subject createSubject(java.lang.String name)
           
 java.util.UUID disassociate()
          Active
 java.security.Principal getCallerPrincipal()
          Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal. JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.
 java.lang.String getDefaultUser()
           
 java.util.Set<java.lang.String> getLogicalRoles(java.security.Principal[] principals, java.util.Set<java.lang.String> logicalRoles)
           
 java.lang.String getRealmName()
           
protected  javax.security.auth.Subject getRunAsSubject(DeploymentInfo callingDeploymentInfo)
           
 void init(java.util.Properties props)
           
protected static void installJacc()
           
 boolean isCallerAuthorized(java.lang.reflect.Method method, InterfaceType type)
          Active
 boolean isCallerInRole(java.lang.String role)
          Active
 java.util.UUID login(java.lang.String username, java.lang.String password)
           
 void logout(java.util.UUID securityIdentity)
          Active
protected  java.util.UUID registerSubject(javax.security.auth.Subject subject)
           
 void setDefaultUser(java.lang.String defaultUser)
           
 void setRealmName(java.lang.String realmName)
           
protected  void unregisterSubject(java.lang.Object securityIdentity)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.openejb.spi.SecurityService
login
 

Field Detail

clientIdentity

protected static final java.lang.ThreadLocal<AbstractSecurityService.Identity> clientIdentity

defaultUser

protected java.lang.String defaultUser

defaultSubject

protected javax.security.auth.Subject defaultSubject

defaultContext

protected AbstractSecurityService.SecurityContext defaultContext
Constructor Detail

AbstractSecurityService

public AbstractSecurityService()

AbstractSecurityService

public AbstractSecurityService(java.lang.String jaccProvider)
Method Detail

getRealmName

public java.lang.String getRealmName()

setRealmName

public void setRealmName(java.lang.String realmName)

getDefaultUser

public java.lang.String getDefaultUser()
Returns:
the defaultUser

setDefaultUser

public void setDefaultUser(java.lang.String defaultUser)
Parameters:
defaultUser - the defaultUser to set

init

public void init(java.util.Properties props)
          throws java.lang.Exception
Specified by:
init in interface Service
Throws:
java.lang.Exception

login

public java.util.UUID login(java.lang.String username,
                            java.lang.String password)
                     throws javax.security.auth.login.LoginException
Specified by:
login in interface SecurityService<java.util.UUID>
Throws:
javax.security.auth.login.LoginException

getLogicalRoles

public java.util.Set<java.lang.String> getLogicalRoles(java.security.Principal[] principals,
                                                       java.util.Set<java.lang.String> logicalRoles)
Specified by:
getLogicalRoles in interface BasicPolicyConfiguration.RoleResolver

contextEntered

public void contextEntered(ThreadContext oldContext,
                           ThreadContext newContext)
Description copied from interface: ThreadContextListener
A new context has been entered. The new context is already associated with the thread.

Specified by:
contextEntered in interface ThreadContextListener
Parameters:
oldContext - the old context that was associated with the thread
newContext - the new context that is now associated with the thread

getRunAsSubject

protected javax.security.auth.Subject getRunAsSubject(DeploymentInfo callingDeploymentInfo)

createRunAsSubject

protected javax.security.auth.Subject createRunAsSubject(java.lang.String runAsRole)

contextExited

public void contextExited(ThreadContext exitedContext,
                          ThreadContext reenteredContext)
Description copied from interface: ThreadContextListener
A context has exited. The reentered context is already associated with the thread.

Specified by:
contextExited in interface ThreadContextListener
Parameters:
exitedContext - the context that was exited
reenteredContext - the context that is now associated with the thread

registerSubject

protected java.util.UUID registerSubject(javax.security.auth.Subject subject)

logout

public void logout(java.util.UUID securityIdentity)
            throws javax.security.auth.login.LoginException
Description copied from interface: SecurityService
Active

Specified by:
logout in interface SecurityService<java.util.UUID>
Throws:
javax.security.auth.login.LoginException

unregisterSubject

protected void unregisterSubject(java.lang.Object securityIdentity)

associate

public void associate(java.util.UUID securityIdentity)
               throws javax.security.auth.login.LoginException
Description copied from interface: SecurityService
Active

Specified by:
associate in interface SecurityService<java.util.UUID>
Throws:
javax.security.auth.login.LoginException

disassociate

public java.util.UUID disassociate()
Description copied from interface: SecurityService
Active

Specified by:
disassociate in interface SecurityService<java.util.UUID>

isCallerInRole

public boolean isCallerInRole(java.lang.String role)
Description copied from interface: SecurityService
Active

Specified by:
isCallerInRole in interface SecurityService<java.util.UUID>

getCallerPrincipal

public java.security.Principal getCallerPrincipal()
Description copied from interface: SecurityService
Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal. JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.

Specified by:
getCallerPrincipal in interface SecurityService<java.util.UUID>

isCallerAuthorized

public boolean isCallerAuthorized(java.lang.reflect.Method method,
                                  InterfaceType type)
Description copied from interface: SecurityService
Active

Specified by:
isCallerAuthorized in interface SecurityService<java.util.UUID>

installJacc

protected static void installJacc()

createSubject

protected javax.security.auth.Subject createSubject(java.lang.String name)


Copyright © 1999-2011 The Apache OpenEJB development community. All Rights Reserved.