Package com.sun.enterprise.security

Class SecurityContext

java.lang.Object
com.sun.enterprise.security.common.AbstractSecurityContext
com.sun.enterprise.security.SecurityContext
All Implemented Interfaces:
com.sun.enterprise.security.integration.AppServSecurityContext, Serializable
@Service @PerLookup public class SecurityContext extends AbstractSecurityContext
This class that extends AbstractSecurityContext that gets stored in Thread Local Storage. If the current thread creates child threads, the SecurityContext stored in the current thread is automatically propagated to the child threads. This class is used on the server side to represent the security context. Class is a concept introduced in JDK1.0. Thread is a concept introduced in JDK1.0. Principal is a concept introduced in JDK1.1. Thread Local Storage is a concept introduced in JDK1.2.
Author:
Harish Prabandham, Harpreet Singh
See Also:

  • Constructor Details

    • SecurityContext

      public SecurityContext(String userName, Subject subject)

    • SecurityContext

      public SecurityContext(Subject subject)
      Create a SecurityContext with given subject having DistinguishedPrincipalCredential. This is used for JMAC environment.
      Parameters:
      subject -

    • SecurityContext

      public SecurityContext(String userName, Subject subject, String realm)

    • SecurityContext

      public SecurityContext()

  • Method Details

    • init

      public static SecurityContext init()
      Initialize the SecurityContext and handle the unauthenticated principal case

    • getDefaultSecurityContext

      public static SecurityContext getDefaultSecurityContext()

    • getDefaultSubject

      public static Subject getDefaultSubject()

    • getDefaultCallerPrincipal

      public static Principal getDefaultCallerPrincipal()

    • reset

      public static void reset(SecurityContext securityContext)
      No need to unmarshall the unauthenticated principal....

    • getCurrent

      public static SecurityContext getCurrent()
      This method gets the SecurityContext stored in the Thread Local Store (TLS) of the current thread.
      Returns:
      The current Security Context stored in TLS. It returns null if SecurityContext could not be found in the current thread.

    • setCurrent

      public static void setCurrent(SecurityContext securityContext)
      This method sets the SecurityContext stored in the TLS.
      Parameters:
      securityContext - The Security Context that should be stored in TLS. This public static method needs to be protected such that it can only be called by container code. Otherwise it can be called by application code to set its subject (which the EJB security manager will use to create a domain combiner, and then everything the ejb does will be run as the corresponding subject.

    • setUnauthenticatedContext

      public static void setUnauthenticatedContext()

    • didServerGenerateCredentials

      public boolean didServerGenerateCredentials()

    • getCallerPrincipal

      public Principal getCallerPrincipal()
      This method returns the caller principal. This information may be redundant since the same information can be inferred by inspecting the Credentials of the caller.
      Specified by:
      getCallerPrincipal in interface com.sun.enterprise.security.integration.AppServSecurityContext
      Specified by:
      getCallerPrincipal in class AbstractSecurityContext
      Returns:
      The caller Principal.

    • getSubject

      public Subject getSubject()
      Description copied from class: AbstractSecurityContext
      This method should be implemented by the subclasses to return the Credentials of the caller principal.
      Specified by:
      getSubject in interface com.sun.enterprise.security.integration.AppServSecurityContext
      Specified by:
      getSubject in class AbstractSecurityContext
      Returns:
      A credentials object associated with the current client invocation.

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • getSessionPrincipal

      public Principal getSessionPrincipal()

    • setSessionPrincipal

      public void setSessionPrincipal(Principal sessionPrincipal)

    • getPrincipalSet

      public Set<Principal> getPrincipalSet()

    • postConstruct

      public void postConstruct()

    • newInstance

      public com.sun.enterprise.security.integration.AppServSecurityContext newInstance(String userName, Subject subject, String realm)

    • newInstance

      public com.sun.enterprise.security.integration.AppServSecurityContext newInstance(String userName, Subject subject)

    • setCurrentSecurityContext

      public void setCurrentSecurityContext(com.sun.enterprise.security.integration.AppServSecurityContext context)

    • getCurrentSecurityContext

      public com.sun.enterprise.security.integration.AppServSecurityContext getCurrentSecurityContext()

    • setUnauthenticatedSecurityContext

      public void setUnauthenticatedSecurityContext()

    • setSecurityContextWithPrincipal

      public void setSecurityContextWithPrincipal(Principal principal)