Package fish.payara.security.jacc.provider

Class PolicyConfigurationFactoryImpl

    • Constructor Detail

      • PolicyConfigurationFactoryImpl

        public PolicyConfigurationFactoryImpl()

    • Method Detail

      • registerContextProvider

        public void registerContextProvider​(String applicationContextId,
                                    jakarta.security.jacc.PolicyConfigurationFactory factory,
                                    Policy policy)
        Description copied from interface: JaccConfigurationFactory
        Registers a context (local) Jacc provider, consisting of its two elements.

        See the JACC spec for the requirements and behavior of the PolicyConfigurationFactory and the Policy.

        Note that this uses an applicationContextId for registration. This is a Servlet based ID to identify the current application. It's defined as follows: 

        
 private String getAppContextId(ServletContext servletContext) {
     return servletContext.getVirtualServerName() + " " + servletContext.getContextPath();
 }

        Specified by:
        registerContextProvider in interface JaccConfigurationFactory
        Parameters:
        applicationContextId - an ID identifying the application for which the Jacc provider is installed
        factory - the PolicyConfigurationFactory element of the Jacc Provider
        policy - the Policy element of the Jacc Provider

      • addContextIdMapping

        public void addContextIdMapping​(String applicationContextId,
                                String policyContextId)
        Description copied from interface: JaccConfigurationFactory
        Makes the mapping from the Servlet based context ID to the JACC based context ID known to the factory. This method should normally only be called by the container.
        Specified by:
        addContextIdMapping in interface JaccConfigurationFactory
        Parameters:
        applicationContextId - Servlet based identifier for an application context
        policyContextId - JACC based identifier for an application context

      • removeContextIdMappingByPolicyContextId

        public boolean removeContextIdMappingByPolicyContextId​(String policyContextId)
        Description copied from interface: JaccConfigurationFactory
        Removes the mapping from the Servlet based context ID to the JACC based context ID known to the factory.
        Specified by:
        removeContextIdMappingByPolicyContextId in interface JaccConfigurationFactory
        Parameters:
        policyContextId - JACC based identifier for an application context
        Returns:
        true if one or more mappings were removed, false otherwise

      • getContextProviderByPolicyContextId

        public ContextProvider getContextProviderByPolicyContextId​(String policyContextId)
        Description copied from interface: JaccConfigurationFactory
        Gets the context JACC provider that was set by registerContextProvider.

        Note that this uses the policyContextId, which is a JACC native ID instead of the Servlet based application ID that's used for registering. The mapping from the Servlet based ID to the JACC based ID is made known to the factory by the addContextIdMapping method.

        Specified by:
        getContextProviderByPolicyContextId in interface JaccConfigurationFactory
        Parameters:
        policyContextId - the identifier of the JACC policy context
        Returns:
        the bundled PolicyConfigurationFactory and Policy if previously set, otherwise null

      • removeContextProviderByPolicyContextId

        public ContextProvider removeContextProviderByPolicyContextId​(String policyContextId)
        Description copied from interface: JaccConfigurationFactory
        Removes any context JACC provider that was set by registerContextProvider.

        Note that this uses the policyContextId, which is a JACC native ID instead of the Servlet based application ID that's used for registering. The mapping from the Servlet based ID to the JACC based ID is made known to the factory by the addContextIdMapping method.

        Specified by:
        removeContextProviderByPolicyContextId in interface JaccConfigurationFactory
        Parameters:
        policyContextId - the identifier of the JACC policy context
        Returns:
        the bundled PolicyConfigurationFactory and Policy if previously set, otherwise null

      • getPolicyConfigurations

        protected List<jakarta.security.jacc.PolicyConfiguration> getPolicyConfigurations()

      • removePolicyConfiguration

        protected jakarta.security.jacc.PolicyConfiguration removePolicyConfiguration​(String contextID)

      • getPolicyConfiguration

        public jakarta.security.jacc.PolicyConfiguration getPolicyConfiguration​(String contextId,
                                                                        boolean remove)
                                                                 throws jakarta.security.jacc.PolicyContextException
        This method is used to obtain an instance of the provider specific class that implements the PolicyConfiguration interface that corresponds to the identified policy context within the provider. The methods of the PolicyConfiguration interface are used to define the policy statements of the identified policy context.

        If at the time of the call, the identified policy context does not exist in the provider, then the policy context will be created in the provider and the Object that implements the context's PolicyConfiguration Interface will be returned. If the state of the identified context is "deleted" or "inService" it will be transitioned to the "open" state as a result of the call. The states in the lifecycle of a policy context are defined by the PolicyConfiguration interface.

        For a given value of policy context identifier, this method must always return the same instance of PolicyConfiguration and there must be at most one actual instance of a PolicyConfiguration with a given policy context identifier (during a process context).

        To preserve the invariant that there be at most one PolicyConfiguration object for a given policy context, it may be necessary for this method to be thread safe.

        Specified by:
        getPolicyConfiguration in interface JaccConfigurationFactory
        Overrides:
        getPolicyConfiguration in class org.glassfish.exousia.modules.locked.SimplePolicyConfigurationFactory
        Parameters:
        contextID - A String identifying the policy context whose PolicyConfiguration interface is to be returned. The value passed to this parameter must not be null.

        remove - A boolean value that establishes whether or not the policy statements of an existing policy context are to be removed before its PolicyConfiguration object is returned. If the value passed to this parameter is true, the policy statements of an existing policy context will be removed. If the value is false, they will not be removed.
        Returns:
        an Object that implements the PolicyConfiguration Interface matched to the Policy provider and corresponding to the identified policy context.
        Throws:
        SecurityException - when called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
        javax.security.jacc.PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the getPolicyConfiguration method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.
        jakarta.security.jacc.PolicyContextException
        See Also:
        PolicyConfigurationFactory.getPolicyConfiguration(String, boolean)

      • inService

        public boolean inService​(String contextId)
                  throws jakarta.security.jacc.PolicyContextException
        This method determines if the identified policy context exists with state "inService" in the Policy provider associated with the factory.

        Specified by:
        inService in interface JaccConfigurationFactory
        Overrides:
        inService in class org.glassfish.exousia.modules.locked.SimplePolicyConfigurationFactory
        Parameters:
        contextID - A string identifying a policy context
        Returns:
        true if the identified policy context exists within the provider and its state is "inService", false otherwise.
        Throws:
        SecurityException - when called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
        javax.security.jacc.PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the inService method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.
        jakarta.security.jacc.PolicyContextException
        See Also:
        PolicyConfigurationFactory.inService(String)

      • getPolicyConfigurationImpls

        protected List<jakarta.security.jacc.PolicyConfiguration> getPolicyConfigurationImpls()

      • removePolicyConfigurationImpl

        protected jakarta.security.jacc.PolicyConfiguration removePolicyConfigurationImpl​(String contextID)

      • checkSetPolicyPermission

        protected void checkSetPolicyPermission()