Interface IdentityService

All Known Implementing Classes:
DefaultIdentityService

public interface IdentityService
Associates UserIdentities from with threads and UserIdentity.Contexts.
  • Field Details

    • NO_ROLES

      static final String[] NO_ROLES
  • Method Details

    • associate

      Object associate(UserIdentity user)
      Associate a user identity with the current thread. This is called with as a thread enters the SecurityHandler.handle(String, org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method and then again with a null argument as that call exits.
      Parameters:
      user - The current user or null for no user to associated.
      Returns:
      an object representing the previous associated state
    • disassociate

      void disassociate(Object previous)
      Disassociate the user identity from the current thread and restore previous identity.
      Parameters:
      previous - The opaque object returned from a call to associate(UserIdentity)
    • setRunAs

      Object setRunAs(UserIdentity user, RunAsToken token)
      Associate a runas Token with the current user and thread.
      Parameters:
      user - The UserIdentity
      token - The runAsToken to associate.
      Returns:
      The previous runAsToken or null.
    • unsetRunAs

      void unsetRunAs(Object token)
      Disassociate the current runAsToken from the thread and reassociate the previous token.
      Parameters:
      token - RUNAS returned from previous associateRunAs call
    • newUserIdentity

      UserIdentity newUserIdentity(Subject subject, Principal userPrincipal, String[] roles)
      Create a new UserIdentity for use with this identity service. The UserIdentity should be immutable and able to be cached.
      Parameters:
      subject - Subject to include in UserIdentity
      userPrincipal - Principal to include in UserIdentity. This will be returned from getUserPrincipal calls
      roles - set of roles to include in UserIdentity.
      Returns:
      A new immutable UserIdententity
    • newRunAsToken

      RunAsToken newRunAsToken(String runAsName)
      Create a new RunAsToken from a runAsName (normally a role).
      Parameters:
      runAsName - Normally a role name
      Returns:
      A new immutable RunAsToken
    • getSystemUserIdentity

      UserIdentity getSystemUserIdentity()