| org.jboss.web.tomcat.security.JBossSecurityMgrRealm org.jboss.web.tomcat.security.JaccAuthorizationRealm
All known Subclasses: org.jboss.web.tomcat.security.ExtendedJaccAuthorizationRealm,
JaccAuthorizationRealm | public class JaccAuthorizationRealm extends JBossSecurityMgrRealm (Code) | | A subclass of JBossSecurityMgrRealm that peforms authorization based on
the JACC permissions and active Policy implementation.
author: Scott.Stark@jboss.org author: Anil.Saldhana@jboss.org version: $Revision: 60856 $ |
JaccAuthorizationRealm | public JaccAuthorizationRealm()(Code) | | |
checkSecurityAssociation | protected boolean checkSecurityAssociation(Permission perm, Principal requestPrincpal)(Code) | | See if the given JACC permission is implied using the caller as
obtained from either the
PolicyContext.getContext(javax.security.auth.Subject.container) or
the info associated with the requestPrincipal.
Parameters: perm - - the JACC permission to check Parameters: requestPrincpal - - the http request getPrincipal true if the permission is allowed, false otherwise |
checkSecurityAssociation | protected boolean checkSecurityAssociation(Permission perm, Principal[] principals)(Code) | | See if the given permission is implied by the Policy. This calls
Policy.implies(pd, perm) with the ProtectionDomain built from the
active CodeSource set by the JaccContextValve, and the given
principals.
Parameters: perm - - the JACC permission to evaluate Parameters: principals - - the possibly null set of principals for the caller true if the permission is allowed, false otherwise |
establishSubjectContext | protected Subject establishSubjectContext(Principal principal)(Code) | | Ensure that the JACC PolicyContext Subject handler has access to the
authenticated Subject. The caching of the authentication state by tomcat
means that we need to retrieve the Subject from the JBossGenericPrincipal
if the realm was not invoked to authenticate the caller.
Parameters: principal - - the http request getPrincipal the authenticated Subject is there is one, null otherwise |
findSecurityConstraints | public SecurityConstraint[] findSecurityConstraints(Request request, Context context)(Code) | | JBAS-2519:Delegate to JACC provider for unsecured resources in web.xml
|
getSecurityConstraintProviderClass | public String getSecurityConstraintProviderClass()(Code) | | Get the Security Constraints Provider Class
|
hasResourcePermission | public boolean hasResourcePermission(Request request, Response response, SecurityConstraint[] securityConstraints, Context context) throws IOException(Code) | | |
hasUserDataPermission | public boolean hasUserDataPermission(Request request, Response response, SecurityConstraint[] constraints) throws IOException(Code) | | |
isUnprotectedResourceDelegation | public boolean isUnprotectedResourceDelegation()(Code) | | Whether the delegation to JACC provider
for unprotected resources is enabled
|
requestURI | static String requestURI(Request request)(Code) | | Get the canonical request uri from the request mapping data requestPath
Parameters: request - the request URI path |
setSecurityConstraintProviderClass | public void setSecurityConstraintProviderClass(String securityConstraintProviderClass)(Code) | | Set the Security Constraints Provider Class
Parameters: securityConstraintProviderClass - |
setUnprotectedResourceDelegation | public void setUnprotectedResourceDelegation(boolean unprotectedResourceDelegation)(Code) | | Set whether the delegation to JACC provider
for unprotected resources must be enabled
Parameters: unprotectedResourceDelegation - |
Fields inherited from org.jboss.web.tomcat.security.JBossSecurityMgrRealm | static Logger log(Code)(Java Doc)
|
Methods inherited from org.jboss.web.tomcat.security.JBossSecurityMgrRealm | public Principal authenticate(X509Certificate[] certs)(Code)(Java Doc) public Principal authenticate(String username, String digest, String nonce, String nc, String cnonce, String qop, String realm, String md5a2)(Code)(Java Doc) public Principal authenticate(String username, String credentials)(Code)(Java Doc) public Principal authenticate(String username, byte[] credentials)(Code)(Java Doc) protected Principal getCachingPrincpal(RealmMapping realmMapping, Principal authPrincipal, Principal callerPrincipal, Object credential, Subject subject)(Code)(Java Doc) protected String getName()(Code)(Java Doc) protected String getPassword(String username)(Code)(Java Doc) protected Principal getPrincipal(String username)(Code)(Java Doc) protected Set getPrincipalRoles(Principal principal)(Code)(Java Doc) public boolean hasResourcePermission(Request request, Response response, SecurityConstraint[] constraints, org.apache.catalina.Context context) throws IOException(Code)(Java Doc) public boolean hasRole(Principal principal, String role)(Code)(Java Doc) public void setCertificatePrincipal(String className)(Code)(Java Doc) public void start() throws LifecycleException(Code)(Java Doc) public void stop() throws LifecycleException(Code)(Java Doc)
|
|
|