Module org.eclipse.jetty.security
Package org.eclipse.jetty.security

Class DefaultIdentityService

  • All Implemented Interfaces:
    IdentityService
    public class DefaultIdentityService
extends java.lang.Object
implements IdentityService
    Default Identity Service implementation. This service handles only role reference maps passed in an associated UserIdentity.Scope. If there are roles refs present, then associate will wrap the UserIdentity with one that uses the role references in the UserIdentity.isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope) implementation. All other operations are effectively noops.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.Object associate​(org.eclipse.jetty.server.UserIdentity user)
      If there are roles refs present in the scope, then wrap the UserIdentity with one that uses the role references in the UserIdentity.isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope)
      void disassociate​(java.lang.Object previous)
      Disassociate the user identity from the current thread and restore previous identity.
      org.eclipse.jetty.server.UserIdentity getSystemUserIdentity()  
      RunAsToken newRunAsToken​(java.lang.String runAsName)
      Create a new RunAsToken from a runAsName (normally a role).
      org.eclipse.jetty.server.UserIdentity newUserIdentity​(javax.security.auth.Subject subject, java.security.Principal userPrincipal, java.lang.String[] roles)
      Create a new UserIdentity for use with this identity service.
      java.lang.Object setRunAs​(org.eclipse.jetty.server.UserIdentity user, RunAsToken token)
      Associate a runas Token with the current user and thread.
      void unsetRunAs​(java.lang.Object lastToken)
      Disassociate the current runAsToken from the thread and reassociate the previous token.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • DefaultIdentityService

        public DefaultIdentityService()

    • Method Detail

      • associate

        public java.lang.Object associate​(org.eclipse.jetty.server.UserIdentity user)
        If there are roles refs present in the scope, then wrap the UserIdentity with one that uses the role references in the UserIdentity.isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope)
        Specified by:
        associate in interface IdentityService
        Parameters:
        user - The current user or null for no user to associated.
        Returns:
        an object representing the previous associated state

      • setRunAs

        public java.lang.Object setRunAs​(org.eclipse.jetty.server.UserIdentity user,
                                 RunAsToken token)
        Description copied from interface: IdentityService
        Associate a runas Token with the current user and thread.
        Specified by:
        setRunAs in interface IdentityService
        Parameters:
        user - The UserIdentity
        token - The runAsToken to associate.
        Returns:
        The previous runAsToken or null.

      • unsetRunAs

        public void unsetRunAs​(java.lang.Object lastToken)
        Description copied from interface: IdentityService
        Disassociate the current runAsToken from the thread and reassociate the previous token.
        Specified by:
        unsetRunAs in interface IdentityService
        Parameters:
        lastToken - RUNAS returned from previous associateRunAs call

      • newRunAsToken

        public RunAsToken newRunAsToken​(java.lang.String runAsName)
        Description copied from interface: IdentityService
        Create a new RunAsToken from a runAsName (normally a role).
        Specified by:
        newRunAsToken in interface IdentityService
        Parameters:
        runAsName - Normally a role name
        Returns:
        A new immutable RunAsToken

      • newUserIdentity

        public org.eclipse.jetty.server.UserIdentity newUserIdentity​(javax.security.auth.Subject subject,
                                                             java.security.Principal userPrincipal,
                                                             java.lang.String[] roles)
        Description copied from interface: IdentityService
        Create a new UserIdentity for use with this identity service. The UserIdentity should be immutable and able to be cached.
        Specified by:
        newUserIdentity in interface IdentityService
        Parameters:
        subject - Subject to include in UserIdentity
        userPrincipal - Principal to include in UserIdentity. This will be returned from getUserPrincipal calls
        roles - set of roles to include in UserIdentity.
        Returns:
        A new immutable UserIdententity