Package org.wildfly.security.authz.jacc

Class ElytronPolicyConfigurationFactory

java.lang.Object
jakarta.security.jacc.PolicyConfigurationFactory
org.wildfly.security.authz.jacc.ElytronPolicyConfigurationFactory
public class ElytronPolicyConfigurationFactory extends PolicyConfigurationFactory

A PolicyConfigurationFactory implementation.

Accordingly with the JACC specification, a PolicyConfigurationFactory is a singleton, instantiate once during the application server startup. Thus, there is only one instance of this class for a given JRE of an application server.

The static method getCurrentPolicyConfiguration() is necessary in order to keep compatibility with TCK, given that it will wrap both factory and policy provider into its own implementations and still should be possible to obtain the policy configuration created by this factory by the JaccDelegatingPolicy. This behavior is exactly the same as currently being used by RI implementation from GF and PicketBox.

Author:
Pedro Igor
See Also:

  • Field Details

  • Constructor Details

    • ElytronPolicyConfigurationFactory

      public ElytronPolicyConfigurationFactory()

  • Method Details

    • getPolicyConfiguration

      public PolicyConfiguration getPolicyConfiguration(String contextID, boolean remove) throws PolicyContextException
      Description copied from class: PolicyConfigurationFactory
      This method is used to obtain an instance of the provider specific class that implements the PolicyConfiguration interface that corresponds to the identified policy context within the provider. The methods of the PolicyConfiguration interface are used to define the policy statements of the identified policy context.

      If at the time of the call, the identified policy context does not exist in the provider, then the policy context will be created in the provider and the Object that implements the context's PolicyConfiguration Interface will be returned. If the state of the identified context is "deleted" or "inService" it will be transitioned to the "open" state as a result of the call. The states in the lifecycle of a policy context are defined by the PolicyConfiguration interface.

      For a given value of policy context identifier, this method must always return the same instance of PolicyConfiguration and there must be at most one actual instance of a PolicyConfiguration with a given policy context identifier (during a process context).

      To preserve the invariant that there be at most one PolicyConfiguration object for a given policy context, it may be necessary for this method to be thread safe.

      Specified by:
      getPolicyConfiguration in class PolicyConfigurationFactory
      Parameters:
      contextID - A String identifying the policy context whose PolicyConfiguration interface is to be returned. The value passed to this parameter must not be null.
      remove - A boolean value that establishes whether or not the policy statements and linkages of an existing policy context are to be removed before its PolicyConfiguration object is returned. If the value passed to this parameter is true, the policy statements and linkages of an existing policy context will be removed. If the value is false, they will not be removed.
      Returns:
      an Object that implements the PolicyConfiguration Interface matched to the Policy provider and corresponding to the identified policy context.
      Throws:
      PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the getPolicyConfiguration method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

    • getPolicyConfiguration

      public PolicyConfiguration getPolicyConfiguration(String contextID)
      Description copied from class: PolicyConfigurationFactory
      This method is used to obtain an instance of the provider specific class that implements the PolicyConfiguration interface that corresponds to the identified policy context within the provider. The methods of the PolicyConfiguration interface are used to define the policy statements of the identified policy context.

      If at the time of the call, the identified policy context does not exist in the provider, then the policy context will not be created in the provider and a null will be returned. No state transition of any kind is allowed to occur, the PolicyConfiguration instance is to be returned as-is.

      For a given value of the policy context identifier, this method must always return the same instance of PolicyConfiguration and there must be at most one actual instance of a PolicyConfiguration with a given policy context identifier (during a process context).

      Specified by:
      getPolicyConfiguration in class PolicyConfigurationFactory
      Parameters:
      contextID - A String identifying the policy context whose PolicyConfiguration interface is to be returned. The value passed to this parameter must not be null.
      Returns:
      an Object that implements the PolicyConfiguration Interface matched to the Policy provider and corresponding to the identified policy context, or a null if such an Object is not present.

    • getPolicyConfiguration

      public PolicyConfiguration getPolicyConfiguration()
      Description copied from class: PolicyConfigurationFactory
      This method is used to obtain an instance of the provider specific class that implements the PolicyConfiguration interface that corresponds to the identified policy context within the provider. The policy context is identified by the value of the policy context identifier associated with the thread on which the accessor is called. The methods of the PolicyConfiguration interface are used to define the policy statements of the identified policy context.

      If at the time of the call, the identified policy context does not exist in the provider, then the policy context will not be created in the provider and a null will be returned. No state transition of any kind is allowed to occur, the PolicyConfiguration instance is to be returned as-is.

      For a given determined value of the policy context identifier, this method must always return the same instance of PolicyConfiguration and there must be at most one actual instance of a PolicyConfiguration with a given policy context identifier (during a process context).

      This method should be logically identical to calling PolicyConfigurationFactory.getPolicyConfiguration(String) with as input the value returned from PolicyContext.getContextID(), unless that value is null. In that case a null should be returned.

      Specified by:
      getPolicyConfiguration in class PolicyConfigurationFactory
      Returns:
      an Object that implements the PolicyConfiguration Interface matched to the Policy provider and corresponding to the identified policy context, or a null if such an Object is not present.

    • inService

      public boolean inService(String contextID) throws PolicyContextException
      Description copied from class: PolicyConfigurationFactory
      This method determines if the identified policy context exists with state "inService" in the Policy provider associated with the factory.
      Specified by:
      inService in class PolicyConfigurationFactory
      Parameters:
      contextID - A string identifying a policy context
      Returns:
      true if the identified policy context exists within the provider and its state is "inService", false otherwise.
      Throws:
      PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the inService method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.