Package com.sun.enterprise.security

Interface SecurityManager

public interface SecurityManager
This interface is used by the Container to manage access to EJBs. The container has a reference to an implementation of this interface.
Author:
Harish Prabandham

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    authorize(org.glassfish.api.invocation.ComponentInvocation componentInvocation)
     
    void
    destroy()
    Call this method to clean up all the bookeeping data-structures in the SM.
    Object
    doAsPrivileged(PrivilegedExceptionAction<Object> pea)
     
    Principal
    getCallerPrincipal()
     
    Subject
    getCurrentSubject()
    This will return the subject associated with the current call.
    Object
    invoke(Method beanClassMethod, boolean isLocal, Object bean, Object[] methodParameters)
     
    boolean
    isCallerInRole(String role)
     
    void
    postInvoke(org.glassfish.api.invocation.ComponentInvocation componentInvocation)
    This method is used by the Invocation Manager to remove the run-as identity information that was set up using the preInvoke
    void
    preInvoke(org.glassfish.api.invocation.ComponentInvocation componentInvocation)
    This sets up the security context - if not set and does run-as related login if required
    void
    resetPolicyContext()
    Purge ThreadLocals held by jakarta.security.jacc.PolicyContext

  • Method Details

    • authorize

      boolean authorize(org.glassfish.api.invocation.ComponentInvocation componentInvocation)
      Parameters:
      componentInvocation - The Invocation object containing the details of the invocation.
      Returns:
      true if the client is allowed to invoke the EJB, false otherwise.

    • getCallerPrincipal

      Principal getCallerPrincipal()
      Returns:
      The Principal of the client who made the current invocation.

    • isCallerInRole

      boolean isCallerInRole(String role)
      Parameters:
      The - EJB developer specified "logical role".
      Returns:
      A boolean true/false depending on whether or not the caller has the specified role.

    • preInvoke

      void preInvoke(org.glassfish.api.invocation.ComponentInvocation componentInvocation)
      This sets up the security context - if not set and does run-as related login if required
      Parameters:
      componentInvocation - The Invocation object containing the details of the invocation.

    • invoke

      Object invoke(Method beanClassMethod, boolean isLocal, Object bean, Object[] methodParameters) throws Throwable
      Throws:
      Throwable

    • postInvoke

      void postInvoke(org.glassfish.api.invocation.ComponentInvocation componentInvocation)
      This method is used by the Invocation Manager to remove the run-as identity information that was set up using the preInvoke
      Parameters:
      componentInvocation - The Invocation object containing the details of the invocation.

    • destroy

      void destroy()
      Call this method to clean up all the bookeeping data-structures in the SM.

    • getCurrentSubject

      Subject getCurrentSubject()
      This will return the subject associated with the current call. If the run as subject is in effect. It will return that subject. This is done to support the JACC specification which says if the runas principal is in effect, that principal should be used for making a component call.
      Returns:
      Subject the current subject. Null if this is not the runas case

    • resetPolicyContext

      void resetPolicyContext()
      Purge ThreadLocals held by jakarta.security.jacc.PolicyContext

    • doAsPrivileged

      Object doAsPrivileged(PrivilegedExceptionAction<Object> pea) throws Throwable
      Throws:
      Throwable