15.11. Run As
Users sometimes need to perform certain operations with elevated privileges — for example, an unauthenticated user may need to create a new user account. Seam Security provides support in this situation with the
RunAsOperation
class. This class allows either the Principal
or Subject
, or the user's roles, to be overridden for a single set of operations.
The following code demonstrates
RunAsOperation
usage. The addRole()
method is called to provide a set of roles to 'borrow' for the duration of the operation. The execute()
method contains the code that will be executed with the elevated privileges.
new RunAsOperation() { public void execute() { executePrivilegedOperation(); } }.addRole("admin") .run();
Similarly, the
getPrincipal()
or getSubject()
methods can also be overidden to specify the Principal
and Subject
instances to use for the duration of the operation. Finally, the run()
method is used to carry out the RunAsOperation
.