Package org.eclipse.jetty.security

Class DefaultIdentityService

java.lang.Object
org.eclipse.jetty.security.DefaultIdentityService
All Implemented Interfaces:
IdentityService
public class DefaultIdentityService extends Object implements IdentityService
Default Identity Service implementation. This service handles only role reference maps passed in an associated UserIdentity.Scope. If there are roles refs present, then associate will wrap the UserIdentity with one that uses the role references in the UserIdentity.isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope) implementation. All other operations are effectively noops.

  • Constructor Details

    • DefaultIdentityService

      public DefaultIdentityService()

  • Method Details

    • associate

      public Object associate(UserIdentity user)
      If there are roles refs present in the scope, then wrap the UserIdentity with one that uses the role references in the UserIdentity.isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope)
      Specified by:
      associate in interface IdentityService
      Parameters:
      user - The current user or null for no user to associated.
      Returns:
      an object representing the previous associated state

    • disassociate

      public void disassociate(Object previous)
      Description copied from interface: IdentityService
      Disassociate the user identity from the current thread and restore previous identity.
      Specified by:
      disassociate in interface IdentityService
      Parameters:
      previous - The opaque object returned from a call to IdentityService.associate(UserIdentity)

    • setRunAs

      public Object setRunAs(UserIdentity user, RunAsToken token)
      Description copied from interface: IdentityService
      Associate a runas Token with the current user and thread.
      Specified by:
      setRunAs in interface IdentityService
      Parameters:
      user - The UserIdentity
      token - The runAsToken to associate.
      Returns:
      The previous runAsToken or null.

    • unsetRunAs

      public void unsetRunAs(Object lastToken)
      Description copied from interface: IdentityService
      Disassociate the current runAsToken from the thread and reassociate the previous token.
      Specified by:
      unsetRunAs in interface IdentityService
      Parameters:
      lastToken - RUNAS returned from previous associateRunAs call

    • newRunAsToken

      public RunAsToken newRunAsToken(String runAsName)
      Description copied from interface: IdentityService
      Create a new RunAsToken from a runAsName (normally a role).
      Specified by:
      newRunAsToken in interface IdentityService
      Parameters:
      runAsName - Normally a role name
      Returns:
      A new immutable RunAsToken

    • getSystemUserIdentity

      public UserIdentity getSystemUserIdentity()
      Specified by:
      getSystemUserIdentity in interface IdentityService

    • newUserIdentity

      public UserIdentity newUserIdentity(Subject subject, Principal userPrincipal, String[] roles)
      Description copied from interface: IdentityService
      Create a new UserIdentity for use with this identity service. The UserIdentity should be immutable and able to be cached.
      Specified by:
      newUserIdentity in interface IdentityService
      Parameters:
      subject - Subject to include in UserIdentity
      userPrincipal - Principal to include in UserIdentity. This will be returned from getUserPrincipal calls
      roles - set of roles to include in UserIdentity.
      Returns:
      A new immutable UserIdententity