Package com.sun.enterprise.security

Class SecurityContext

  • All Implemented Interfaces:
    com.sun.enterprise.security.integration.AppServSecurityContext, Serializable
    @Service
@PerLookup
public class SecurityContext
extends AbstractSecurityContext
    This class that extends AbstractSecurityContext that gets stored in Thread Local Storage. If the current thread creates child threads, the SecurityContext stored in the current thread is automatically propagated to the child threads. This class is used on the server side to represent the security context. Thread Local Storage is a concept introduced in JDK1.2.
    Author:
    Harish Prabandham, Harpreet Singh
    See Also:
    ThreadLocal, InheritableThreadLocal, Serialized Form

    • Constructor Detail

      • SecurityContext

        public SecurityContext​(String userName,
                       Subject subject)

      • SecurityContext

        public SecurityContext​(Subject subject)
        Create a SecurityContext with given subject having DistinguishedPrincipalCredential. This is used for JMAC environment.
        Parameters:
        subject -

      • SecurityContext

        public SecurityContext​(String userName,
                       Subject subject,
                       String realm)

      • SecurityContext

        public SecurityContext()

    • Method Detail

      • init

        public static SecurityContext init()
        Initialize the SecurityContext and handle the unauthenticated principal case

      • getDefaultSecurityContext

        public static SecurityContext getDefaultSecurityContext()

      • getDefaultSubject

        public static Subject getDefaultSubject()

      • getDefaultCallerPrincipal

        public static Principal getDefaultCallerPrincipal()

      • reset

        public static void reset​(SecurityContext sc)
        No need to unmarshall the unauthenticated principal....

      • getCurrent

        public static SecurityContext getCurrent()
        This method gets the SecurityContext stored in the Thread Local Store (TLS) of the current thread.
        Returns:
        The current Security Context stored in TLS. It returns null if SecurityContext could not be found in the current thread.

      • setCurrent

        public static void setCurrent​(SecurityContext sc)
        This method sets the SecurityContext stored in the TLS.
        Parameters:
        sc - The Security Context that should be stored in TLS. This public static method needs to be protected such that it can only be called by container code. Otherwise it can be called by application code to set its subject (which the EJB security manager will use to create a domain combiner, and then everything the ejb does will be run as the corresponding subject.

      • setUnauthenticatedContext

        public static void setUnauthenticatedContext()

      • didServerGenerateCredentials

        public boolean didServerGenerateCredentials()

      • getCallerPrincipal

        public Principal getCallerPrincipal()
        This method returns the caller principal. This information may be redundant since the same information can be inferred by inspecting the Credentials of the caller.
        Specified by:
        getCallerPrincipal in interface com.sun.enterprise.security.integration.AppServSecurityContext
        Specified by:
        getCallerPrincipal in class AbstractSecurityContext
        Returns:
        The caller Principal.

      • getSubject

        public Subject getSubject()
        Description copied from class: AbstractSecurityContext
        This method should be implemented by the subclasses to return the Credentials of the caller principal.
        Specified by:
        getSubject in interface com.sun.enterprise.security.integration.AppServSecurityContext
        Specified by:
        getSubject in class AbstractSecurityContext
        Returns:
        A credentials object associated with the current client invocation.

      • postConstruct

        public void postConstruct()

      • newInstance

        public com.sun.enterprise.security.integration.AppServSecurityContext newInstance​(String userName,
                                                                                  Subject subject,
                                                                                  String realm)

      • newInstance

        public com.sun.enterprise.security.integration.AppServSecurityContext newInstance​(String userName,
                                                                                  Subject subject)

      • setCurrentSecurityContext

        public void setCurrentSecurityContext​(com.sun.enterprise.security.integration.AppServSecurityContext context)

      • getCurrentSecurityContext

        public com.sun.enterprise.security.integration.AppServSecurityContext getCurrentSecurityContext()

      • setUnauthenticatedSecurityContext

        public void setUnauthenticatedSecurityContext()

      • setSecurityContextWithPrincipal

        public void setSecurityContextWithPrincipal​(Principal principal)