Package org.eclipse.jetty.security

Class DefaultIdentityService

  • All Implemented Interfaces:
    IdentityService
    public class DefaultIdentityService
extends Object
implements IdentityService
    Default Identity Service implementation. This service handles only role reference maps passed in an associated UserIdentity.Scope. If there are roles refs present, then associate will wrap the UserIdentity with one that uses the role references in the UserIdentity.isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope) implementation. All other operations are effectively noops.

    • Constructor Detail

      • DefaultIdentityService

        public DefaultIdentityService()

    • Method Detail

      • associate

        public Object associate​(org.eclipse.jetty.server.UserIdentity user)
        If there are roles refs present in the scope, then wrap the UserIdentity with one that uses the role references in the UserIdentity.isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope)
        Specified by:
        associate in interface IdentityService
        Parameters:
        user - The current user or null for no user to associated.
        Returns:
        an object representing the previous associated state

      • setRunAs

        public Object setRunAs​(org.eclipse.jetty.server.UserIdentity user,
                       RunAsToken token)
        Description copied from interface: IdentityService
        Associate a runas Token with the current user and thread.
        Specified by:
        setRunAs in interface IdentityService
        Parameters:
        user - The UserIdentity
        token - The runAsToken to associate.
        Returns:
        The previous runAsToken or null.

      • unsetRunAs

        public void unsetRunAs​(Object lastToken)
        Description copied from interface: IdentityService
        Disassociate the current runAsToken from the thread and reassociate the previous token.
        Specified by:
        unsetRunAs in interface IdentityService
        Parameters:
        lastToken - RUNAS returned from previous associateRunAs call

      • newRunAsToken

        public RunAsToken newRunAsToken​(String runAsName)
        Description copied from interface: IdentityService
        Create a new RunAsToken from a runAsName (normally a role).
        Specified by:
        newRunAsToken in interface IdentityService
        Parameters:
        runAsName - Normally a role name
        Returns:
        A new immutable RunAsToken

      • newUserIdentity

        public org.eclipse.jetty.server.UserIdentity newUserIdentity​(Subject subject,
                                                             Principal userPrincipal,
                                                             String[] roles)
        Description copied from interface: IdentityService
        Create a new UserIdentity for use with this identity service. The UserIdentity should be immutable and able to be cached.
        Specified by:
        newUserIdentity in interface IdentityService
        Parameters:
        subject - Subject to include in UserIdentity
        userPrincipal - Principal to include in UserIdentity. This will be returned from getUserPrincipal calls
        roles - set of roles to include in UserIdentity.
        Returns:
        A new immutable UserIdententity