Interface IdentityService

  • All Known Implementing Classes:
    DefaultIdentityService

    public interface IdentityService
    Associates UserIdentities with threads and UserIdentity.Contexts.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String[] NO_ROLES  
    • Method Summary

      Modifier and Type Method Description
      java.lang.Object associate(UserIdentity user)
      Associate a user identity with the current thread.
      void disassociate(java.lang.Object previous)
      Disassociate the user identity from the current thread and restore previous identity.
      UserIdentity getSystemUserIdentity()
      RunAsToken newRunAsToken(java.lang.String runAsName)
      Create a new RunAsToken from a runAsName (normally a role).
      UserIdentity newUserIdentity(javax.security.auth.Subject subject, java.security.Principal userPrincipal, java.lang.String[] roles)
      Create a new UserIdentity for use with this identity service.
      java.lang.Object setRunAs(UserIdentity user, RunAsToken token)
      Associate a runas Token with the current user and thread.
      void unsetRunAs(java.lang.Object token)
      Disassociate the current runAsToken from the thread and reassociate the previous token.
    • Field Detail

      • NO_ROLES

        static final java.lang.String[] NO_ROLES
    • Method Detail

      • disassociate

        void disassociate(java.lang.Object previous)
        Disassociate the user identity from the current thread and restore previous identity.
        Parameters:
        previous - The opaque object returned from a call to associate(UserIdentity)
      • setRunAs

        java.lang.Object setRunAs(UserIdentity user,
                                  RunAsToken token)
        Associate a runas Token with the current user and thread.
        Parameters:
        user - The UserIdentity
        token - The runAsToken to associate.
        Returns:
        The previous runAsToken or null.
      • unsetRunAs

        void unsetRunAs(java.lang.Object token)
        Disassociate the current runAsToken from the thread and reassociate the previous token.
        Parameters:
        token - The opaque object returned from the previous call to setRunAs(UserIdentity, RunAsToken)
      • newUserIdentity

        UserIdentity newUserIdentity(javax.security.auth.Subject subject,
                                     java.security.Principal userPrincipal,
                                     java.lang.String[] roles)
        Create a new UserIdentity for use with this identity service. The UserIdentity should be immutable and able to be cached.
        Parameters:
        subject - Subject to include in UserIdentity
        userPrincipal - Principal to include in UserIdentity. This will be returned from getUserPrincipal calls
        roles - set of roles to include in UserIdentity.
        Returns:
        A new immutable UserIdentity
      • newRunAsToken

        RunAsToken newRunAsToken(java.lang.String runAsName)
        Create a new RunAsToken from a runAsName (normally a role).
        Parameters:
        runAsName - Normally a role name
        Returns:
        A new immutable RunAsToken
      • getSystemUserIdentity

        UserIdentity getSystemUserIdentity()
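
The associate/disassociate and setRunAs/unsetRunAs pairs documented above, shown as an added usage sketch that is not part of the Jetty Javadoc or code base. The class ScopedIdentity and its method names are hypothetical, and the import package names are an assumption (the Jetty 9.4 to 11 layout), since the page does not state them.

```java
import java.util.concurrent.Callable;

// Assumed package names; the page itself does not list them.
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.RunAsToken;
import org.eclipse.jetty.server.UserIdentity;

/** Hypothetical helper: scopes a thread-bound identity to a single call. */
public final class ScopedIdentity {
    private ScopedIdentity() {}

    /**
     * Runs the action with the given user associated with the current thread.
     * The opaque value returned by associate() is handed back to
     * disassociate() in a finally block, so the previous identity is restored
     * even when the action throws. On a pooled thread, skipping this step
     * would leave the identity attached to whatever work runs there next.
     */
    public static <T> T callAs(IdentityService ids, UserIdentity user,
                               Callable<T> action) throws Exception {
        Object previous = ids.associate(user);
        try {
            return action.call();
        } finally {
            ids.disassociate(previous);
        }
    }

    /**
     * Runs the action under a run-as role for the given user. setRunAs()
     * returns the previous token (or null); that value, not the new token,
     * is what unsetRunAs() needs in order to reinstate the earlier state.
     */
    public static <T> T callWithRunAs(IdentityService ids, UserIdentity user,
                                      String runAsRole,
                                      Callable<T> action) throws Exception {
        RunAsToken token = ids.newRunAsToken(runAsRole);
        Object previousToken = ids.setRunAs(user, token);
        try {
            return action.call();
        } finally {
            ids.unsetRunAs(previousToken);
        }
    }
}
```

The two helpers nest naturally: call callWithRunAs from inside the action passed to callAs, and the finally blocks unwind in reverse order.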