SecurityManager (Payara Project 5.193.1 API)

All Known Implementing Classes:

EJBSecurityManager
```
public interface SecurityManager
```
This interface is used by the Container to manage access to EJBs. The container has a reference to an implementation of this interface.

Author:

Harish Prabandham

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`boolean`	`authorize(ComponentInvocation inv)`
`void`	`destroy()` Call this method to clean up all the bookeeping data-structures in the SM.
`Object`	`doAsPrivileged(PrivilegedExceptionAction pea)` This method is used by SecurityUtil runMethod to run the action as the subject encapsulated in the cuurent SecurityContext.
`Principal`	`getCallerPrincipal()`
`Subject`	`getCurrentSubject()` This will return the subject associated with the current call.
`Object`	`invoke(Method beanClassMethod, boolean isLocal, Object o, Object[] oa)`
`boolean`	`isCallerInRole(String role)`
`void`	`postInvoke(ComponentInvocation inv)` This method is used by the Invocation Manager to remove the run-as identity information that was set up using the preInvoke
`void`	`preInvoke(ComponentInvocation inv)` This sets up the security context - if not set and does run-as related login if required
`void`	`resetPolicyContext()` Purge ThreadLocals held by javax.security.jacc.PolicyContext

- Method Detail
  - authorize
```
boolean authorize(ComponentInvocation inv)
```
    Parameters:
    
    The - Invocation object containing the details of the invocation.
    
    Returns:
    
    true if the client is allowed to invoke the EJB, false otherwise.
  - getCallerPrincipal
```
Principal getCallerPrincipal()
```
    Returns:
    
    The Principal of the client who made the current invocation.
  - isCallerInRole
```
boolean isCallerInRole(String role)
```
    Parameters:
    
    The - EJB developer specified "logical role".
    
    Returns:
    
    A boolean true/false depending on whether or not the caller has the specified role.
  - preInvoke
```
void preInvoke(ComponentInvocation inv)
```
    This sets up the security context - if not set and does run-as related login if required
    
    Parameters:
    
    ComponentInvocation -
  - postInvoke
```
void postInvoke(ComponentInvocation inv)
```
    This method is used by the Invocation Manager to remove the run-as identity information that was set up using the preInvoke
    
    Parameters:
    
    ComponentInvocation -
  - destroy
```
void destroy()
```
    Call this method to clean up all the bookeeping data-structures in the SM.
  - getCurrentSubject
```
Subject getCurrentSubject()
```
    This will return the subject associated with the current call. If the run as subject is in effect. It will return that subject. This is done to support the JACC specification which says if the runas principal is in effect, that principal should be used for making a component call.
    
    Returns:
    
    Subject the current subject. Null if this is not the runas case
  - resetPolicyContext
```
void resetPolicyContext()
```
    Purge ThreadLocals held by javax.security.jacc.PolicyContext
  - doAsPrivileged
```
Object doAsPrivileged(PrivilegedExceptionAction pea)
               throws Throwable
```
    This method is used by SecurityUtil runMethod to run the action as the subject encapsulated in the cuurent SecurityContext.
    
    Throws:
    
    Throwable
  - invoke
```
Object invoke(Method beanClassMethod,
              boolean isLocal,
              Object o,
              Object[] oa)
       throws Throwable
```
    Throws:
    
    Throwable

Interface SecurityManager

Method Summary

Method Detail

authorize

getCallerPrincipal

isCallerInRole

preInvoke

postInvoke

destroy

getCurrentSubject

resetPolicyContext

doAsPrivileged

invoke