org.eclipse.jetty.security
Interface IdentityService

All Known Implementing Classes:
DefaultIdentityService

public interface IdentityService

Associates UserIdentities from with threads and UserIdentity.Contexts.


Field Summary
static String[] NO_ROLES
           
 
Method Summary
 Object associate(UserIdentity user)
          Associate a user identity with the current thread.
 void disassociate(Object previous)
          Disassociate the user identity from the current thread and restore previous identity.
 UserIdentity getSystemUserIdentity()
           
 RunAsToken newRunAsToken(String runAsName)
          Create a new RunAsToken from a runAsName (normally a role).
 UserIdentity newUserIdentity(Subject subject, Principal userPrincipal, String[] roles)
          Create a new UserIdentity for use with this identity service.
 Object setRunAs(UserIdentity user, RunAsToken token)
          Associate a runas Token with the current user and thread.
 void unsetRunAs(Object token)
          Disassociate the current runAsToken from the thread and reassociate the previous token.
 

Field Detail

NO_ROLES

static final String[] NO_ROLES
Method Detail

associate

Object associate(UserIdentity user)
Associate a user identity with the current thread. This is called with as a thread enters the SecurityHandler.handle(String, Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method and then again with a null argument as that call exits.

Parameters:
user - The current user or null for no user to associated.
Returns:
an object representing the previous associated state

disassociate

void disassociate(Object previous)
Disassociate the user identity from the current thread and restore previous identity.

Parameters:
previous - The opaque object returned from a call to associate(UserIdentity)

setRunAs

Object setRunAs(UserIdentity user,
                RunAsToken token)
Associate a runas Token with the current user and thread.

Parameters:
user - The UserIdentity
token - The runAsToken to associate.
Returns:
The previous runAsToken or null.

unsetRunAs

void unsetRunAs(Object token)
Disassociate the current runAsToken from the thread and reassociate the previous token.

Parameters:
token - RUNAS returned from previous associateRunAs call

newUserIdentity

UserIdentity newUserIdentity(Subject subject,
                             Principal userPrincipal,
                             String[] roles)
Create a new UserIdentity for use with this identity service. The UserIdentity should be immutable and able to be cached.

Parameters:
subject - Subject to include in UserIdentity
userPrincipal - Principal to include in UserIdentity. This will be returned from getUserPrincipal calls
roles - set of roles to include in UserIdentity.
Returns:
A new immutable UserIdententity

newRunAsToken

RunAsToken newRunAsToken(String runAsName)
Create a new RunAsToken from a runAsName (normally a role).

Parameters:
runAsName - Normally a role name
Returns:
A new immutable RunAsToken

getSystemUserIdentity

UserIdentity getSystemUserIdentity()


Copyright © 1995-2011 Mort Bay Consulting. All Rights Reserved.