当前页面: 在线文档首页 > JBoss 4.0.1 sp1 server API Documentation 英文版文档
org.jboss.security
SecurityAssociation (JBoss Server API) - JBoss 4.0.1 sp1 server API Documentation 英文版文档
|
|||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
org.jboss.security
Class SecurityAssociation
java.lang.Objectorg.jboss.security.SecurityAssociation
- public final class SecurityAssociation
- extends Object
The SecurityAssociation class maintains the security principal and credentials. This can be done on either a singleton basis or a thread local basis depending on the server property. When the server property has been set to true, the security information is maintained in thread local storage. The type of thread local storage depends on the org.jboss.security.SecurityAssociation.ThreadLocal property. If this property is true, then the thread local storage object is of type java.lang.ThreadLocal which results in the current thread's security information NOT being propagated to child threads. When the property is false or does not exist, the thread local storage object is of type java.lang.InheritableThreadLocal, and any threads spawned by the current thread will inherit the security information of the current thread. Subseqent changes to the current thread's security information are NOT propagated to any previously spawned child threads. When the server property is false, security information is maintained in class variables which makes the information available to all threads within the current VM. Note that this is not a public API class. Its an implementation detail that is subject to change without notice.
- Version:
- $Revision: 1.19.2.3.2.1 $
- Author:
- Daniel O'Connor (docodan@nycap.rr.com), Scott.Stark@jboss.org
| Nested Class Summary | |
static class |
SecurityAssociation.SubjectContext
The encapsulation of the authenticated subject |
| Constructor Summary | |
SecurityAssociation()
|
|
| Method Summary | |
static void |
clear()
Clear all principal information. |
static Principal |
getCallerPrincipal()
Get the caller's principal information. |
static Object |
getContextInfo(Object key)
Get the current thread context info. |
static Object |
getCredential()
Get the current principal credential information. |
static Principal |
getPrincipal()
Get the current principal information. |
static Subject |
getSubject()
Get the current Subject information. |
static RunAsIdentity |
peekRunAsIdentity()
Look at the current thread of control's run-as identity on the top of the stack. |
static RunAsIdentity |
peekRunAsIdentity(int depth)
Look at the current thread of control's run-as identity at the indicated depth. |
static RunAsIdentity |
popRunAsIdentity()
Pop the current thread of control's run-as identity. |
static SecurityAssociation.SubjectContext |
popSubjectContext()
Pop the current SubjectContext from the previous pushSubjectContext call and return the pushed SubjectContext ig there was one. |
static void |
pushRunAsIdentity(RunAsIdentity runAs)
Push the current thread of control's run-as identity. |
static void |
pushSubjectContext(Subject subject,
Principal principal,
Object credential)
Push the current authenticated context. |
static Object |
setContextInfo(Object key,
Object value)
Set the current thread context info. |
static void |
setCredential(Object credential)
Set the current principal credential information. |
static void |
setPrincipal(Principal principal)
Set the current principal information. |
static void |
setServer()
Set the server mode of operation. |
static void |
setSubject(Subject subject)
Set the current Subject information. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
SecurityAssociation
public SecurityAssociation()
| Method Detail |
getPrincipal
public static Principal getPrincipal()
- Get the current principal information. If a security manager is present,
then this method calls the security manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.getPrincipalInfo")permission to ensure it's ok to access principal information. If not, aSecurityExceptionwill be thrown.- Returns:
- Principal, the current principal identity.
getCallerPrincipal
public static Principal getCallerPrincipal()
- Get the caller's principal information. If a security manager is present,
then this method calls the security manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.getPrincipalInfo")permission to ensure it's ok to access principal information. If not, aSecurityExceptionwill be thrown.- Returns:
- Principal, the current principal identity.
getCredential
public static Object getCredential()
- Get the current principal credential information. This can be of any type
including: a String password, a char[] password, an X509 cert, etc. If a
security manager is present, then this method calls the security manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.getPrincipalInfo")permission to ensure it's ok to access principal information. If not, aSecurityExceptionwill be thrown.- Returns:
- Object, the credential that proves the principal identity.
getSubject
public static Subject getSubject()
- Get the current Subject information. If a security manager is present,
then this method calls the security manager's checkPermission method with
a RuntimePermission("org.jboss.security.SecurityAssociation.getSubject")
permission to ensure it's ok to access principal information. If not, a
SecurityException will be thrown. Note that this method does not consider
whether or not a run-as identity exists. For access to this information
see the JACC PolicyContextHandler registered under the key
"javax.security.auth.Subject.container"
- Returns:
- Subject, the current Subject identity.
- See Also:
PolicyContext.getContext(String)
setPrincipal
public static void setPrincipal(Principal principal)
- Set the current principal information. If a security manager is present,
then this method calls the security manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.setPrincipalInfo")permission to ensure it's ok to access principal information. If not, aSecurityExceptionwill be thrown.- Parameters:
principal- - the current principal identity.
setCredential
public static void setCredential(Object credential)
- Set the current principal credential information. This can be of any type
including: a String password, a char[] password, an X509 cert, etc.
If a security manager is present, then this method calls the security
manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.setPrincipalInfo")permission to ensure it's ok to access principal information. If not, aSecurityExceptionwill be thrown.- Parameters:
credential- - the credential that proves the principal identity.
setSubject
public static void setSubject(Subject subject)
- Set the current Subject information. If a security manager is present,
then this method calls the security manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.setPrincipalInfo")permission to ensure it's ok to access principal information. If not, aSecurityExceptionwill be thrown.- Parameters:
subject- - the current identity.
getContextInfo
public static Object getContextInfo(Object key)
- Get the current thread context info. If a security manager is present,
then this method calls the security manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.accessContextInfo", "get")permission to ensure it's ok to access context information. If not, aSecurityExceptionwill be thrown.- Parameters:
key- - the context key- Returns:
- the mapping for the key in the current thread context
setContextInfo
public static Object setContextInfo(Object key, Object value)
- Set the current thread context info. If a security manager is present,
then this method calls the security manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.accessContextInfo", "set")permission to ensure it's ok to access context information. If not, aSecurityExceptionwill be thrown.- Parameters:
key- - the context keyvalue- - the context value to associate under key- Returns:
- the previous mapping for the key if one exists
pushSubjectContext
public static void pushSubjectContext(Subject subject, Principal principal, Object credential)
- Push the current authenticated context. This sets the authenticated subject
along with the principal and proof of identity that was used to validate
the subject. This context is used for authorization checks. Typically
just the subject as seen by getSubject() is input into the authorization.
When run under a security manager this requires the
RuntimePermission("org.jboss.security.SecurityAssociation.setPrincipalInfo")
permission.
- Parameters:
subject- - the authenticated subjectprincipal- - the principal that was input into the authenticationcredential- - the credential that was input into the authentication
popSubjectContext
public static SecurityAssociation.SubjectContext popSubjectContext()
- Pop the current SubjectContext from the previous pushSubjectContext call
and return the pushed SubjectContext ig there was one.
When run under a security manager this requires the
RuntimePermission("org.jboss.security.SecurityAssociation.setPrincipalInfo")
permission.
- Returns:
- the SubjectContext pushed previously by a pushSubjectContext call
clear
public static void clear()
- Clear all principal information. If a security manager is present, then
this method calls the security manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.setPrincipalInfo")permission to ensure it's ok to access principal information. If not, aSecurityExceptionwill be thrown.
pushRunAsIdentity
public static void pushRunAsIdentity(RunAsIdentity runAs)
- Push the current thread of control's run-as identity.
popRunAsIdentity
public static RunAsIdentity popRunAsIdentity()
- Pop the current thread of control's run-as identity.
peekRunAsIdentity
public static RunAsIdentity peekRunAsIdentity()
- Look at the current thread of control's run-as identity on the top of the
stack.
peekRunAsIdentity
public static RunAsIdentity peekRunAsIdentity(int depth)
- Look at the current thread of control's run-as identity at the indicated
depth. Typically depth is either 0 for the identity the current caller
run-as that will be assumed, or 1 for the active run-as the previous
caller has assumed.
- Returns:
- RunAsIdentity depth frames up.
setServer
public static void setServer()
- Set the server mode of operation. When the server property has been set to
true, the security information is maintained in thread local storage. This
should be called to enable property security semantics in any
multi-threaded environment where more than one thread requires that
security information be restricted to the thread's flow of control.
If a security manager is present, then this method calls the security
manager's
checkPermissionmethod with aRuntimePermission("org.jboss.security.SecurityAssociation.setServer")permission to ensure it's ok to access principal information. If not, aSecurityExceptionwill be thrown.
|
|||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
Copyright © 2002 JBoss Group, LLC. All Rights Reserved.