| java.lang.Object
 javax.security.jacc.PolicyContext
| PolicyContext | | final public class PolicyContext (Code) | | This utility class is used by containers to communicate policy context
identifiers and other policy relevant context to Policy providers. Policy
providers use the policy context identifier to select the subset of policy
to apply in access decisions.
The value of a policy context identifier is a String and each thread has an
independently established policy context identifier. A container will
establish the thread-scoped value of a policy context identifier by calling
the static setContextID method. The value of a thread-scoped policy context
identifier is available (to Policy) by calling the static getContextID method.
This class is also used by Policy providers to request additional
thread-scoped policy relevant context objects from the calling container.
Containers register container-specific PolicyContext handlers using the
static registerHandler method. Handler registration is scoped to the class,
such that the same handler registrations are active in all thread contexts.
Containers may use the static method setHandlerData to establish a
thread-scoped parameter that will be passed to handlers when they are
activated by Policy providers. The static getContext method is used to
activate a handler and obtain the corresponding context object.
The static accessor functions provided by this class allow per-thread policy
context values to be established and communicated independent of a common
reference to a particular PolicyContext instance.
The PolicyContext class may encapsulate static ThreadLocal instance variables
to represent the policy context identifier and handler data values.
The Application server must bundle or install the PolicyContext class, and
the containers of the application server must prevent the methods of the
PolicyContext class from being called from calling contexts that are not
authorized to call these methods. With the exception of the getContextID
and GetHandlerKeys methods, containers must restrict and afford access to
the methods of the PolicyContext class to calling contexts trusted by the
container to perform container access decisions. The PolicyContext class may
satisfy this requirement (on behalf of its container) by rejecting calls made
from an AccessControlContext that has not been granted the "setPolicy"
SecurityPermission, and by ensuring that Policy providers used to perform
container access decisions are granted the "setPolicy" permission.
See Also: http://java.sun.com/j2ee/1.4/docs/api/
author:
Scott.Stark@jboss.org
author:
Ron Monzillo, Gary Ellison (javadoc)
version:
$Revision: 57196 $ |
| Method Summary | |
| public static Object | getContext(String key)
This method may be used by a Policy provider to activate the
PolicyContextHandler registered to the context object key and cause it to
return the corresponding policy context object from the container. | | public static String | getContextID()
This method returns the value of the policy context identifier associated
with the thread on which the accessor is called.
the possibly null policy context identifier established for thethread. | | public static Set | getHandlerKeys()
This method may be used to obtain the keys that identify the container
specific context handlers registered by the container. | | public static void | registerHandler(String key, PolicyContextHandler handler, boolean replace)
Authorization protected method used to register a container specific
PolicyContext handler. | | public static void | setContextID(String contextID)
Authorization protected method used to modify the value of the policy
context identifier associated with the thread on which this method is
called
Parameters:
contextID - - a String that represents the value of the policycontext identifier to be assigned to the PolicyContext for the callingthread. | | public static void | setHandlerData(Object data)
Authorization protected method that may be used to associate a
thread-scoped handler data object with the PolicyContext. |
| getContext | | public static Object getContext(String key) throws PolicyContextException(Code) | | This method may be used by a Policy provider to activate the
PolicyContextHandler registered to the context object key and cause it to
return the corresponding policy context object from the container. When
this method activates a handler, it passes to the handler the context
object key and the handler data associated with the calling thread.
Parameters:
key - - a non-null String that identifies the PolicyContextHandler toactivate as well as the context object to be acquired from the handler. the container and handler specific object containing the desiredcontext. A null value is returned if the corresponding handler has beenregistered, and the value of the corresponding context is null.
throws:
IllegalArgumentException - - if a PolicyContextHandler has not beenregistered for the key or the registered handler no longer supports the key.
throws:
SecurityException - - if the caller does not have theSecurityPermission("getPolicy") permission.
throws:
PolicyContextException - - if an operation by this method on theidentified PolicyContextHandler causes it to throw a checked exceptionthat is not accounted for in the signature of this method. |
| getContextID | | public static String getContextID()(Code) | | This method returns the value of the policy context identifier associated
with the thread on which the accessor is called.
the possibly null policy context identifier established for thethread. This method must return the default policy context identifier,null, if the policy context identifier of the thread has not been set viasetContext to another value. |
| getHandlerKeys | | public static Set getHandlerKeys()(Code) | | This method may be used to obtain the keys that identify the container
specific context handlers registered by the container.
A Set, the elements of which, are the String key values thatidentify the handlers that have been registered and therefore may beactivated on the PolicyContext |
| registerHandler | | public static void registerHandler(String key, PolicyContextHandler handler, boolean replace) throws PolicyContextException(Code) | | Authorization protected method used to register a container specific
PolicyContext handler. A handler may be registered to handle multiple keys,
but at any time, at most one handler may be registered for a key.
Parameters:
key - - a case-sensitive, non-null String that identifies the contextobject handled by the handler.
Parameters:
handler - - an non-null object that implements the PolicyContextHandlerinterface.
Parameters:
replace - - this boolean value defines the behavior of this methodif, when it is called, a PolicyContextHandler has already been registeredto handle the same key. In that case, and if the value of this argument istrue, the existing handler is replaced with the argument handler. If thevalue of this parameter is false the existing registration is preservedand an exception is thrown.
throws:
IllegalArgumentException - - if the value of either of the handleror key arguments is null, or the value of the replace argument is falseand a handler with the same key as the argument handler is alreadyregistered.
throws:
SecurityException - - if the caller does not have theSecurityPermission("setPolicy") permission.
throws:
PolicyContextException - - if an operation by this method on theargument PolicyContextHandler causes it to throw a checked exception thatis not accounted for in the signature of this method. |
| setContextID | | public static void setContextID(String contextID)(Code) | | Authorization protected method used to modify the value of the policy
context identifier associated with the thread on which this method is
called
Parameters:
contextID - - a String that represents the value of the policycontext identifier to be assigned to the PolicyContext for the callingthread. The value null is a legitimate value for this parameter.
throws:
SecurityException - - if the caller does not have theSecurityPermission("setPolicy") permission. |
| setHandlerData | | public static void setHandlerData(Object data)(Code) | | Authorization protected method that may be used to associate a
thread-scoped handler data object with the PolicyContext. The handler data
object will be made available to handlers, where it can serve to supply or
bind the handler to invocation scoped state within the container.
Parameters:
data - - a container-specific object that will be associated with thecalling thread and passed to any handler activated by a Policy provider(on the thread). The value null is a legitimate value for this parameter,and is the value that will be used in the activation of handlers if thesetHandlerData has not been called on the thread.
throws:
SecurityException - - if the caller does not have theSecurityPermission("setPolicy") permission. |
|
|