Package com.sun.enterprise.security.common

Class ClientSecurityContext

java.lang.Object

com.sun.enterprise.security.common.AbstractSecurityContext

com.sun.enterprise.security.common.ClientSecurityContext

All Implemented Interfaces:

AppServSecurityContext, Serializable

public final class ClientSecurityContext
extends AbstractSecurityContext

This class represents the security context on the client side. For usage of the IIOP_CLIENT_PER_THREAD_FLAG flag, see UsernamePasswordStore. When set to false, the volatile field sharedCsc is used to store the context.

Author:

Harpreet Singh

See Also:

UsernamePasswordStore, Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static String	IIOP_CLIENT_PER_THREAD_FLAG

Fields inherited from class com.sun.enterprise.security.common.AbstractSecurityContext

additionalPrincipal, callerPrincipal, subject

Constructor Summary

Constructors

Constructor	Description
ClientSecurityContext(String username, Subject subject)	This creates a new ClientSecurityContext object.

Method Summary

Modifier and Type	Method	Description
Principal	getCallerPrincipal()	This method returns the caller principal.
static ClientSecurityContext	getCurrent()	This method gets the SecurityContext stored here.
AppServSecurityContext	getCurrentSecurityContext()
Subject	getSubject()	This method should be implemented by the subclasses to return the Credentials of the caller principal.
static boolean	hasEmtpyCredentials(ClientSecurityContext clientSecurityContext)
AppServSecurityContext	newInstance(String userName, Subject subject)
AppServSecurityContext	newInstance(String userName, Subject subject, String realm)
static void	setCurrent(ClientSecurityContext clientSecurityContext)	This method sets the SecurityContext to be stored here.
void	setCurrentSecurityContext(AppServSecurityContext context)	set the current security context
void	setSecurityContextWithPrincipal(Principal principal)	set the SecurityContext with given Principal
void	setUnauthenticatedSecurityContext()	set the unauthenticated context
String	toString()

Methods inherited from class com.sun.enterprise.security.common.AbstractSecurityContext

getAdditionalPrincipal, setAdditionalPrincipal

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

IIOP_CLIENT_PER_THREAD_FLAG

public static final String IIOP_CLIENT_PER_THREAD_FLAG

See Also:

Constant Field Values

Constructor Detail

ClientSecurityContext

public ClientSecurityContext(String username,
                             Subject subject)

This creates a new ClientSecurityContext object.

Parameters:

The - name of the user.

The - Credentials of the user.

Method Detail

getCurrent

public static ClientSecurityContext getCurrent()

This method gets the SecurityContext stored here. If using a per-thread authentication model, it gets the context from Thread Local Store (TLS) of the current thread. If not using a per-thread authentication model, it gets the singleton context.

Returns:

The current Security Context stored here. It returns null if SecurityContext could not be found.

setCurrent

public static void setCurrent(ClientSecurityContext clientSecurityContext)

This method sets the SecurityContext to be stored here.

Parameters:

The - Security Context that should be stored.

getCallerPrincipal

public Principal getCallerPrincipal()

This method returns the caller principal. This information may be redundant since the same information can be inferred by inspecting the Credentials of the caller.

Specified by:

getCallerPrincipal in interface AppServSecurityContext

Specified by:

getCallerPrincipal in class AbstractSecurityContext

Returns:

The caller Principal.

getSubject

public Subject getSubject()

Description copied from class: AbstractSecurityContext

This method should be implemented by the subclasses to return the Credentials of the caller principal.

Specified by:

getSubject in interface AppServSecurityContext

Specified by:

getSubject in class AbstractSecurityContext

Returns:

A credentials object associated with the current client invocation.

toString

public String toString()

Overrides:

toString in class Object

hasEmtpyCredentials

public static boolean hasEmtpyCredentials(ClientSecurityContext clientSecurityContext)

newInstance

public AppServSecurityContext newInstance(String userName,
                                          Subject subject,
                                          String realm)

Returns:

a new instance

newInstance

public AppServSecurityContext newInstance(String userName,
                                          Subject subject)

Returns:

a new instance

setCurrentSecurityContext

public void setCurrentSecurityContext(AppServSecurityContext context)

Description copied from interface: AppServSecurityContext

set the current security context

getCurrentSecurityContext

public AppServSecurityContext getCurrentSecurityContext()

Returns:

the current security context

setUnauthenticatedSecurityContext

public void setUnauthenticatedSecurityContext()

Description copied from interface: AppServSecurityContext

set the unauthenticated context

setSecurityContextWithPrincipal

public void setSecurityContextWithPrincipal(Principal principal)

Description copied from interface: AppServSecurityContext

set the SecurityContext with given Principal