Package com.sun.enterprise.common.iiop.security

Class SecurityContext

java.lang.Object

com.sun.enterprise.common.iiop.security.SecurityContext

public class SecurityContext
extends Object

A subject is used a container for passing the security context information in the service context field. The security context information in the subject must be stored either as a private or a public credential according to the following convention: PasswordCredential: Client authentication will be performed using the username and password in the PasswordCredential. PasswordCredential must be passed as a PrivateCredential. X500Principal:: DN name specified in X500Principal: will be asserted. X500Principal must be passed as a PublicCredential. GSSUPName: Identity specified in GSSUPName will be asserted. GSSUPName must be passed as a PublicCredential. X509CertificateCredential: The certificate chain in the credential will be asserted. The credential must be passed as a PublicCredential. AnonCredential: Anonymous identity will be asserted. Credential must be passed as a PublicCredential. Class fields in the SecurityContext are used for credential selection. There are two class fields: authcls and identcls. authcls is a Class object that identifies the credential for client authentication. identcls is a Class object that identifies the credential for identity assertion. The following semantics must be observed: 1. A client authentication token is always passed as a private credential. authcls set to the class of the authentication token 2. An identity token is always passed as a public credential. identcls is set to the class of the identity token. 3. authcls is set to null if there is no client auth token 4. identcls is set to null if there is no ident token 5. There must not be more than one instance of class identified by authcls or identcls. However, there can be one instance of identcls *and* authcls (this allows both a client auth token and an identity token to be passed across the interface).

Field Summary

Fields

Modifier and Type	Field	Description
Class	authcls
Class	identcls
Subject	subject

Constructor Summary

Constructors

Constructor	Description
SecurityContext()

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

subject

public Subject subject

authcls

public Class authcls

identcls

public Class identcls

Constructor Details

SecurityContext

public SecurityContext()