IdentityService (Jetty :: Project 7.2.1.v20101111 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.eclipse.jetty.security
Interface IdentityService

All Known Implementing Classes:: DefaultIdentityService

public interface IdentityService

Associates UserIdentities from with threads and UserIdentity.Contexts.

Field Summary
`static java.lang.String[]`	`NO_ROLES`

Method Summary
`java.lang.Object`	`associate(UserIdentity user)` Associate a user identity with the current thread.
`void`	`disassociate(java.lang.Object previous)` Disassociate the user identity from the current thread and restore previous identity.
`UserIdentity`	`getSystemUserIdentity()`
`RunAsToken`	`newRunAsToken(java.lang.String runAsName)` Create a new RunAsToken from a runAsName (normally a role).
`UserIdentity`	`newUserIdentity(javax.security.auth.Subject subject, java.security.Principal userPrincipal, java.lang.String[] roles)` Create a new UserIdentity for use with this identity service.
`java.lang.Object`	`setRunAs(UserIdentity user, RunAsToken token)` Associate a runas Token with the current user and thread.
`void`	`unsetRunAs(java.lang.Object token)` Disassociate the current runAsToken from the thread and reassociate the previous token.

Field Detail

NO_ROLES

static final java.lang.String[] NO_ROLES

Method Detail

associate

java.lang.Object associate(UserIdentity user)

Associate a user identity with the current thread. This is called with as a thread enters the SecurityHandler.handle(String, Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method and then again with a null argument as that call exits.

Parameters:: user - The current user or null for no user to associated.
Returns:: an object representing the previous associated state

disassociate

void disassociate(java.lang.Object previous)

Disassociate the user identity from the current thread and restore previous identity.

Parameters:: previous - The opaque object returned from a call to associate(UserIdentity)

setRunAs

java.lang.Object setRunAs(UserIdentity user,
                          RunAsToken token)

Associate a runas Token with the current user and thread.

Parameters:: user - The UserIdentity; token - The runAsToken to associate.
Returns:: The previous runAsToken or null.

unsetRunAs

void unsetRunAs(java.lang.Object token)

Disassociate the current runAsToken from the thread and reassociate the previous token.

Parameters:: token - RUNAS returned from previous associateRunAs call

newUserIdentity

UserIdentity newUserIdentity(javax.security.auth.Subject subject,
                             java.security.Principal userPrincipal,
                             java.lang.String[] roles)

Create a new UserIdentity for use with this identity service. The UserIdentity should be immutable and able to be cached.

Parameters:: subject - Subject to include in UserIdentity; userPrincipal - Principal to include in UserIdentity. This will be returned from getUserPrincipal calls; roles - set of roles to include in UserIdentity.
Returns:: A new immutable UserIdententity

newRunAsToken

RunAsToken newRunAsToken(java.lang.String runAsName)

Create a new RunAsToken from a runAsName (normally a role).

Parameters:: runAsName - Normally a role name
Returns:: A new immutable RunAsToken

getSystemUserIdentity

UserIdentity getSystemUserIdentity()