Class SecurityContext

  • All Implemented Interfaces:
    AppServSecurityContext, Serializable

    @Service
    @PerLookup
    public class SecurityContext
    extends AbstractSecurityContext
    This class extends AbstractSecurityContext and is stored in thread-local storage (TLS). If the current thread creates child threads, the SecurityContext stored in the current thread is automatically propagated to the child threads. This class is used on the server side to represent the security context.
    Author:
    Harish Prabandham, Harpreet Singh
    See Also:
    ThreadLocal, InheritableThreadLocal, Serialized Form
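
The propagation described above follows InheritableThreadLocal semantics: the value is copied when a child thread is created, so a pooled worker keeps whatever identity was current at its creation. The Java program below is an added example, not GlassFish code; DemoContext, withCallerContext and the caller names are hypothetical stand-ins.

```java
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

// Added example: DemoContext is a hypothetical stand-in, not GlassFish's SecurityContext.
public class InheritedContextDemo {
    static final class DemoContext {
        private static final InheritableThreadLocal<String> CURRENT = new InheritableThreadLocal<>();
        static String getCurrent() { return CURRENT.get(); }  // null if nothing is set
        static void setCurrent(String caller) { CURRENT.set(caller); }
        static void clear() { CURRENT.remove(); }
    }

    // Capture the submitter's context and install it only for the duration of the task.
    static Runnable withCallerContext(Runnable task) {
        String captured = DemoContext.getCurrent();
        return () -> {
            DemoContext.setCurrent(captured);
            try {
                task.run();
            } finally {
                DemoContext.clear();  // a pooled worker holds no identity between tasks
            }
        };
    }

    public static void main(String[] args) throws Exception {
        Runnable show = () -> System.out.println(
                Thread.currentThread().getName() + " runs as " + DemoContext.getCurrent());

        DemoContext.setCurrent("alice");            // constructed caller name
        Thread child = new Thread(show, "child");   // the value is copied at thread creation
        child.start();
        child.join();

        ExecutorService pool = Executors.newSingleThreadExecutor();
        pool.submit(show).get();                    // worker thread is created here, copying "alice"

        DemoContext.setCurrent("bob");              // a different caller on the submitting thread
        pool.submit(show).get();                    // worker still holds the value copied at creation
        pool.submit(withCallerContext(show)).get(); // explicit hand-off of the submitter's context
        pool.submit(show).get();                    // worker was cleared by the wrapper's finally block
        pool.shutdown();
    }
}
```
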
    • Constructor Detail

      • SecurityContext

        public SecurityContext(String username,
                               Subject subject)
      • SecurityContext

        public SecurityContext(Subject subject)
        Create a SecurityContext with the given subject having a DistinguishedPrincipalCredential.

        This is used for a JASPIC environment.

        Parameters:
        subject -
      • SecurityContext

        public SecurityContext(String username,
                               Subject subject,
                               String realm)
      • SecurityContext

        public SecurityContext()
    • Method Detail

      • init

        public static SecurityContext init()
        Initialize the SecurityContext and handle the unauthenticated principal case
      • getDefaultSecurityContext

        public static SecurityContext getDefaultSecurityContext()
      • getDefaultSubject

        public static Subject getDefaultSubject()
      • getDefaultCallerPrincipal

        public static Principal getDefaultCallerPrincipal()
      • reset

        public static void reset(SecurityContext securityContext)
        No need to unmarshal the unauthenticated principal....
      • getCurrent

        public static SecurityContext getCurrent()
        This method gets the SecurityContext stored in the Thread Local Store (TLS) of the current thread.
        Returns:
        The current Security Context stored in TLS. It returns null if SecurityContext could not be found in the current thread.
      • setCurrent

        public static void setCurrent(SecurityContext securityContext)
        This method sets the SecurityContext stored in the TLS.
        Parameters:
        securityContext - The Security Context that should be stored in TLS. This public static method needs to be protected such that it can only be called by container code. Otherwise it can be called by application code to set its subject (which the EJB security manager will use to create a domain combiner, and then everything the EJB does will be run as the corresponding subject).
      • setUnauthenticatedContext

        public static void setUnauthenticatedContext()
      • didServerGenerateCredentials

        public boolean didServerGenerateCredentials()
      • postConstruct

        public void postConstruct()
      • getCurrentSecurityContext

        public AppServSecurityContext getCurrentSecurityContext()
        Returns:
        the current security context
      • setUnauthenticatedSecurityContext

        public void setUnauthenticatedSecurityContext()
        Description copied from interface: AppServSecurityContext
        Sets the unauthenticated context.
      • setSecurityContextWithPrincipal

        public void setSecurityContextWithPrincipal(Principal principal)
        Description copied from interface: AppServSecurityContext
        Sets the SecurityContext with the given Principal.