Package com.sun.enterprise.security
Class SecurityContext
java.lang.Object
com.sun.enterprise.security.common.AbstractSecurityContext
com.sun.enterprise.security.SecurityContext
- All Implemented Interfaces:
com.sun.enterprise.security.integration.AppServSecurityContext
,Serializable
This class that extends AbstractSecurityContext that gets stored in Thread Local Storage. If the current thread
creates child threads, the SecurityContext stored in the current thread is automatically propagated to the child
threads.
This class is used on the server side to represent the security context.
Class is a concept introduced in JDK1.0. Thread is a concept introduced in JDK1.0. Principal is a concept introduced
in JDK1.1. Thread Local Storage is a concept introduced in JDK1.2.
- Author:
- Harish Prabandham, Harpreet Singh
- See Also:
-
Field Summary
Fields inherited from class com.sun.enterprise.security.common.AbstractSecurityContext
initiator, subject
-
Constructor Summary
ConstructorDescriptionSecurityContext
(String userName, Subject subject) SecurityContext
(String userName, Subject subject, String realm) SecurityContext
(Subject subject) Create a SecurityContext with given subject having DistinguishedPrincipalCredential. -
Method Summary
Modifier and TypeMethodDescriptionboolean
This method returns the caller principal.static SecurityContext
This method gets the SecurityContext stored in the Thread Local Store (TLS) of the current thread.com.sun.enterprise.security.integration.AppServSecurityContext
static Principal
static SecurityContext
static Subject
This method should be implemented by the subclasses to return the Credentials of the caller principal.static SecurityContext
init()
Initialize the SecurityContext and handle the unauthenticated principal casecom.sun.enterprise.security.integration.AppServSecurityContext
newInstance
(String userName, Subject subject) com.sun.enterprise.security.integration.AppServSecurityContext
newInstance
(String userName, Subject subject, String realm) void
static void
reset
(SecurityContext securityContext) No need to unmarshall the unauthenticated principal....static void
setCurrent
(SecurityContext securityContext) This method sets the SecurityContext stored in the TLS.void
setCurrentSecurityContext
(com.sun.enterprise.security.integration.AppServSecurityContext context) void
setSecurityContextWithPrincipal
(Principal principal) void
setSessionPrincipal
(Principal sessionPrincipal) static void
void
toString()
-
Constructor Details
-
SecurityContext
-
SecurityContext
Create a SecurityContext with given subject having DistinguishedPrincipalCredential. This is used for JMAC environment.- Parameters:
subject
-
-
SecurityContext
-
SecurityContext
public SecurityContext()
-
-
Method Details
-
init
Initialize the SecurityContext and handle the unauthenticated principal case -
getDefaultSecurityContext
-
getDefaultSubject
-
getDefaultCallerPrincipal
-
reset
No need to unmarshall the unauthenticated principal.... -
getCurrent
This method gets the SecurityContext stored in the Thread Local Store (TLS) of the current thread.- Returns:
- The current Security Context stored in TLS. It returns null if SecurityContext could not be found in the current thread.
-
setCurrent
This method sets the SecurityContext stored in the TLS.- Parameters:
securityContext
- The Security Context that should be stored in TLS. This public static method needs to be protected such that it can only be called by container code. Otherwise it can be called by application code to set its subject (which the EJB security manager will use to create a domain combiner, and then everything the ejb does will be run as the corresponding subject.
-
setUnauthenticatedContext
public static void setUnauthenticatedContext() -
didServerGenerateCredentials
public boolean didServerGenerateCredentials() -
getCallerPrincipal
This method returns the caller principal. This information may be redundant since the same information can be inferred by inspecting the Credentials of the caller.- Specified by:
getCallerPrincipal
in interfacecom.sun.enterprise.security.integration.AppServSecurityContext
- Specified by:
getCallerPrincipal
in classAbstractSecurityContext
- Returns:
- The caller Principal.
-
getSubject
Description copied from class:AbstractSecurityContext
This method should be implemented by the subclasses to return the Credentials of the caller principal.- Specified by:
getSubject
in interfacecom.sun.enterprise.security.integration.AppServSecurityContext
- Specified by:
getSubject
in classAbstractSecurityContext
- Returns:
- A credentials object associated with the current client invocation.
-
toString
-
getSessionPrincipal
-
setSessionPrincipal
-
getPrincipalSet
-
postConstruct
public void postConstruct() -
newInstance
-
newInstance
-
setCurrentSecurityContext
public void setCurrentSecurityContext(com.sun.enterprise.security.integration.AppServSecurityContext context) -
getCurrentSecurityContext
public com.sun.enterprise.security.integration.AppServSecurityContext getCurrentSecurityContext() -
setUnauthenticatedSecurityContext
public void setUnauthenticatedSecurityContext() -
setSecurityContextWithPrincipal
-