public class NoAccessSecurityManager extends Object implements SubjectSecurityManager, RealmMapping, Serializable
isValid(java.security.Principal, Object, Subject)
,
getPrincipal(java.security.Principal)
,
doesUserHaveRole(java.security.Principal, java.util.Set)
,
Serialized FormConstructor and Description |
---|
NoAccessSecurityManager(String securityDomain)
Creates a default JaasSecurityManager for with the
given securityDomain name.
|
Modifier and Type | Method and Description |
---|---|
boolean |
doesUserHaveRole(Principal principal,
Set<Principal> roleNames)
Does the current Subject have a role(a Principal) that equates to one
of the role names.
|
Subject |
getActiveSubject()
Get the currently authenticated Subject.
|
Principal |
getPrincipal(Principal principal)
Always returns the argument principal.
|
String |
getSecurityDomain()
Get the name of the security domain associated with this security mgr.
|
Principal |
getTargetPrincipal(Principal anotherDomainPrincipal,
Map<String,Object> contextMap)
Trust related usecases may require translation of a principal from another domain
to the current domain
An implementation of this interface may need to do a backdoor contact of the external
trust provider in deriving the target principal
|
Set<Principal> |
getUserRoles(Principal principal)
Return the set of domain roles the principal has been assigned.
|
boolean |
isValid(MessageInfo requestMessage,
Subject clientSubject,
String layer) |
boolean |
isValid(MessageInfo requestMessage,
Subject clientSubject,
String layer,
CallbackHandler handler) |
boolean |
isValid(Principal principal,
Object credential)
Validate that the given credential is correct for principal.
|
boolean |
isValid(Principal principal,
Object credential,
Subject activeSubject)
Validate that the given credential is correct for principal.
|
void |
logout(Principal principal,
Subject subject)
No-op implementation: no user was previously authenticated by this manager so there's no state left to cleanup.
|
public NoAccessSecurityManager(String securityDomain)
public String getSecurityDomain()
getSecurityDomain
in interface BaseSecurityManager
public Subject getActiveSubject()
getActiveSubject
in interface AuthenticationManager
PolicyContextHandler.getContext(String, Object)
public boolean isValid(Principal principal, Object credential)
isValid
in interface AuthenticationManager
principal
- - the user identity in the operation environmentcredential
- - the proof of user identity as known in the
operation environmentAuthenticationManager.isValid(Principal, Object, Subject)
public boolean isValid(Principal principal, Object credential, Subject activeSubject)
isValid
in interface AuthenticationManager
principal
- - the user identity in the operation environmentcredential
- - the proof of user identity as known in the
operation environmentactiveSubject
- - the Subject which should be populated with the
validated Subject contents. A JAAS based implementation would typically
populate the activeSubject with the LoginContext.login result.public boolean isValid(MessageInfo requestMessage, Subject clientSubject, String layer)
public boolean isValid(MessageInfo requestMessage, Subject clientSubject, String layer, CallbackHandler handler)
public Principal getTargetPrincipal(Principal anotherDomainPrincipal, Map<String,Object> contextMap)
AuthenticationManager
getTargetPrincipal
in interface AuthenticationManager
anotherDomainPrincipal
- Principal that is applicable in the other domain
(Can be null - in which case the contextMap is used
solely to derive the target principal)contextMap
- Any context information (including information on the other domain
that may be relevant in deriving the target principal). Any SAML
assertions that may be relevant can be passed here.public Principal getPrincipal(Principal principal)
getPrincipal
in interface RealmMapping
principal
- the caller principal as known in the operation environment.public boolean doesUserHaveRole(Principal principal, Set<Principal> roleNames)
doesUserHaveRole
in interface RealmMapping
principal
- - ignored.roleNames
- - ignored.public Set<Principal> getUserRoles(Principal principal)
getUserRoles
in interface RealmMapping
public void logout(Principal principal, Subject subject)
logout
in interface AuthenticationManager
principal
- the Principal
being logged out.subject
- the Subject
associated with the principal being logged out.Copyright © 2017 JBoss by Red Hat. All rights reserved.