SecurityDomainContext (JBoss Web Services

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jboss.wsf.spi.security
Interface SecurityDomainContext

public interface SecurityDomainContext

A container independent security domain related facility

Since:: 13-May-2011
Author:: alessio.soldano@jboss.com

Method Summary
`boolean`	`doesUserHaveRole(Principal principal, Set<Principal> roles)` Validates the application domain roles to which the operational environment Principal belongs.
`String`	`getSecurityDomain()`
`Set<Principal>`	`getUserRoles(Principal principal)` Return the set of domain roles the principal has been assigned.
`boolean`	`isValid(Principal principal, Object credential, Subject activeSubject)` The isValid method is invoked to see if a user identity and associated credentials as known in the operational environment are valid proof of the user identity.
`void`	`pushSubjectContext(Subject subject, Principal principal, Object credential)` Push the provided subject into the current security context; if that's not set yet, also creates a new security context and associates it with the current thread.

Method Detail

getSecurityDomain

String getSecurityDomain()

isValid

boolean isValid(Principal principal,
                Object credential,
                Subject activeSubject)

The isValid method is invoked to see if a user identity and associated credentials as known in the operational environment are valid proof of the user identity.

Parameters:: principal - - the user identity in the operation environment; credential - - the proof of user identity as known in the operation environment; activeSubject - - the Subject which should be populated with the validated Subject contents. A JAAS based implementation would typically populate the activeSubject with the LoginContext.login result.
Returns:: true if the principal, credential pair is valid, false otherwise.

doesUserHaveRole

boolean doesUserHaveRole(Principal principal,
                         Set<Principal> roles)

Validates the application domain roles to which the operational environment Principal belongs.

Parameters:: principal - the caller principal as known in the operation environment.; roles - The Set for the application domain roles that the principal is to be validated against.
Returns:: true if the principal has at least one of the roles in the roles set, false otherwise.

getUserRoles

Set<Principal> getUserRoles(Principal principal)

Return the set of domain roles the principal has been assigned.

Returns:: The Set for the application domain roles that the principal has been assigned.

pushSubjectContext

void pushSubjectContext(Subject subject,
                        Principal principal,
                        Object credential)

Push the provided subject into the current security context; if that's not set yet, also creates a new security context and associates it with the current thread.

Parameters:: subject -; principal -; credential -