Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.openejb.core.security
Class AbstractSecurityService

java.lang.Object
  extended by org.apache.openejb.core.security.AbstractSecurityService
All Implemented Interfaces:
BasicPolicyConfiguration.RoleResolver, ThreadContextListener, SecurityService<UUID>, Service
Direct Known Subclasses:
SecurityServiceImpl
public abstract class AbstractSecurityService
extends Object
implements SecurityService<UUID>, ThreadContextListener, BasicPolicyConfiguration.RoleResolver

This security service chooses a UUID as its token as this can be serialized to clients, is mostly secure, and can be deserialized in a client vm without addition openejb-core classes.

Nested Class Summary
static class AbstractSecurityService.Group
           
protected static class AbstractSecurityService.Identity
           
protected static class AbstractSecurityService.SecurityContext
           
static class AbstractSecurityService.User
           
 
Field Summary
protected static ThreadLocal<AbstractSecurityService.Identity> clientIdentity
           
protected  AbstractSecurityService.SecurityContext defaultContext
           
protected  Subject defaultSubject
           
protected  String defaultUser
           
 
Constructor Summary
AbstractSecurityService()
           
AbstractSecurityService(String jaccProvider)
           
 
Method Summary
 void associate(UUID securityIdentity)
          Active
 void contextEntered(ThreadContext oldContext, ThreadContext newContext)
          A new context has been entered.
 void contextExited(ThreadContext exitedContext, ThreadContext reenteredContext)
          A context has exited.
protected  Subject createRunAsSubject(String runAsUser, String runAsRole)
           
protected  Subject createSubject(String name, String groupName)
           
 Object currentState()
           
 UUID disassociate()
          Active
 Principal getCallerPrincipal()
          Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal

JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.
 String getDefaultUser()
           
 Set<String> getLogicalRoles(Principal[] principals, Set<String> logicalRoles)
           
 String getRealmName()
           
protected  Subject getRunAsSubject(BeanContext callingBeanContext)
           
 void init(Properties props)
           
protected static void installJacc()
           
 boolean isCallerAuthorized(Method method, InterfaceType type)
          Active
 boolean isCallerInRole(String role)
          Active
 UUID login(String username, String password)
           
 void logout(UUID securityIdentity)
          Active
protected  UUID registerSubject(Subject subject)
           
 void setDefaultUser(String defaultUser)
           
 void setRealmName(String realmName)
           
 void setState(Object o)
           
protected  void unregisterSubject(Object securityIdentity)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.openejb.spi.SecurityService
login
 

Field Detail

clientIdentity

protected static final ThreadLocal<AbstractSecurityService.Identity> clientIdentity

defaultUser

protected String defaultUser

defaultSubject

protected Subject defaultSubject

defaultContext

protected AbstractSecurityService.SecurityContext defaultContext
Constructor Detail

AbstractSecurityService

public AbstractSecurityService()

AbstractSecurityService

public AbstractSecurityService(String jaccProvider)
Method Detail

getRealmName

public String getRealmName()

setRealmName

public void setRealmName(String realmName)

getDefaultUser

public String getDefaultUser()
Returns:
the defaultUser

setDefaultUser

public void setDefaultUser(String defaultUser)
Parameters:
defaultUser - the defaultUser to set

init

public void init(Properties props)
          throws Exception
Specified by:
init in interface Service
Throws:
Exception

login

public UUID login(String username,
                  String password)
           throws LoginException
Specified by:
login in interface SecurityService<UUID>
Throws:
LoginException

getLogicalRoles

public Set<String> getLogicalRoles(Principal[] principals,
                                   Set<String> logicalRoles)
Specified by:
getLogicalRoles in interface BasicPolicyConfiguration.RoleResolver

contextEntered

public void contextEntered(ThreadContext oldContext,
                           ThreadContext newContext)
Description copied from interface: ThreadContextListener
A new context has been entered. The new context is already associated with the thread.

Specified by:
contextEntered in interface ThreadContextListener
Parameters:
oldContext - the old context that was associated with the thread
newContext - the new context that is now associated with the thread

getRunAsSubject

protected Subject getRunAsSubject(BeanContext callingBeanContext)

createRunAsSubject

protected Subject createRunAsSubject(String runAsUser,
                                     String runAsRole)

contextExited

public void contextExited(ThreadContext exitedContext,
                          ThreadContext reenteredContext)
Description copied from interface: ThreadContextListener
A context has exited. The reentered context is already associated with the thread.

Specified by:
contextExited in interface ThreadContextListener
Parameters:
exitedContext - the context that was exited
reenteredContext - the context that is not associated with the thread

registerSubject

protected UUID registerSubject(Subject subject)

logout

public void logout(UUID securityIdentity)
            throws LoginException
Description copied from interface: SecurityService
Active

Specified by:
logout in interface SecurityService<UUID>
Throws:
LoginException

unregisterSubject

protected void unregisterSubject(Object securityIdentity)

associate

public void associate(UUID securityIdentity)
               throws LoginException
Description copied from interface: SecurityService
Active

Specified by:
associate in interface SecurityService<UUID>
Throws:
LoginException

disassociate

public UUID disassociate()
Description copied from interface: SecurityService
Active

Specified by:
disassociate in interface SecurityService<UUID>

isCallerInRole

public boolean isCallerInRole(String role)
Description copied from interface: SecurityService
Active

Specified by:
isCallerInRole in interface SecurityService<UUID>

getCallerPrincipal

public Principal getCallerPrincipal()
Description copied from interface: SecurityService
Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal

JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.

Specified by:
getCallerPrincipal in interface SecurityService<UUID>

isCallerAuthorized

public boolean isCallerAuthorized(Method method,
                                  InterfaceType type)
Description copied from interface: SecurityService
Active

Specified by:
isCallerAuthorized in interface SecurityService<UUID>

installJacc

protected static void installJacc()

createSubject

protected Subject createSubject(String name,
                                String groupName)

currentState

public Object currentState()
Specified by:
currentState in interface SecurityService<UUID>

setState

public void setState(Object o)
Specified by:
setState in interface SecurityService<UUID>
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 1999–2015 The Apache Software Foundation. All rights reserved.