|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.jboss.mx.util.JBossNotificationBroadcasterSupport
org.jboss.system.ServiceMBeanSupport
org.jboss.security.plugins.JaasSecurityManagerService
public class JaasSecurityManagerService
This is a JMX service which manages JAAS based SecurityManagers. JAAS SecurityManagers are responsible for validating credentials associated with principals. The service defaults to the org.jboss.security.plugins.JaasSecurityManager implementation but this can be changed via the securityManagerClass property.
JaasSecurityManager
,
SubjectSecurityManager
Nested Class Summary | |
---|---|
static class |
JaasSecurityManagerService.DefaultCacheObjectFactory
java:/timedCacheFactory ObjectFactory implementation |
static class |
JaasSecurityManagerService.SecurityDomainObjectFactory
|
Field Summary |
---|
Fields inherited from class org.jboss.system.ServiceMBeanSupport |
---|
server, SERVICE_CONTROLLER_SIG, serviceName |
Fields inherited from interface org.jboss.security.plugins.JaasSecurityManagerServiceMBean |
---|
OBJECT_NAME |
Fields inherited from interface org.jboss.system.ServiceMBean |
---|
CREATE_EVENT, CREATED, DESTROY_EVENT, DESTROYED, FAILED, REGISTERED, START_EVENT, STARTED, STARTING, states, STOP_EVENT, STOPPED, STOPPING, UNREGISTERED |
Constructor Summary | |
---|---|
JaasSecurityManagerService()
The constructor does nothing as the security manager is created on each lookup into java:/jaas/xxx. |
Method Summary | |
---|---|
boolean |
doesUserHaveRole(String securityDomain,
Principal principal,
Object credential,
Set roles)
Validates the application domain roles to which the operational environment Principal belongs. |
void |
flushAuthenticationCache(String securityDomain)
flush the cache policy for the indicated security domain if one exists. |
void |
flushAuthenticationCache(String securityDomain,
Principal user)
Flush a principal's authentication cache entry associated with the given securityDomain. |
String |
getAuthenticationCacheJndiName()
Get the jndi name under which the authentication cache policy is found |
List |
getAuthenticationCachePrincipals(String securityDomain)
Return the active principals in the indicated security domain auth cache. |
String |
getCallbackHandlerClassName()
Get the default CallbackHandler implementation class name |
boolean |
getDeepCopySubjectMode()
A flag indicating if the Deep Copy of Subject Sets should be enabled in the security managers |
int |
getDefaultCacheResolution()
Get the default timed cache policy resolution. |
int |
getDefaultCacheTimeout()
Get the default timed cache policy timeout. |
String |
getDefaultUnauthenticatedPrincipal()
Get the default unauthenticated principal. |
Principal |
getPrincipal(String securityDomain,
Principal principal)
Map from the operational environment Principal to the application domain principal. |
String |
getSecurityManagerClassName()
Get the name of the class that provides the security manager implementation. |
String |
getSecurityProxyFactoryClassName()
Get the name of the class that provides the SecurityProxyFactory implementation. |
boolean |
getServerMode()
A flag indicating if the SecurityAssociation.setServer should be called on service startup. |
Set |
getUserRoles(String securityDomain,
Principal principal,
Object credential)
Return the set of domain roles the principal has been assigned. |
boolean |
isValid(String securityDomain,
Principal principal,
Object credential)
The isValid method is invoked to see if a user identity and associated credentials as known in the operational environment are valid proof of the user identity. |
void |
registerSecurityDomain(String securityDomain,
SecurityDomain instance)
Register a SecurityDomain implmentation. |
void |
setAuthenticationCacheJndiName(String jndiName)
Set the jndi name under which the authentication cache policy is found |
void |
setCacheTimeout(String securityDomain,
int timeoutInSecs,
int resInSecs)
Set the indicated security domain cache timeout. |
void |
setCallbackHandlerClassName(String className)
Set the default CallbackHandler implementation class name |
void |
setDeepCopySubjectMode(boolean flag)
A flag indicating if the Deep Copy of Subject Sets should be enabled in the security managers |
void |
setDefaultCacheResolution(int resInSecs)
Set the default timed cache policy resolution. |
void |
setDefaultCacheTimeout(int timeoutInSecs)
Set the default timed cache policy timeout. |
void |
setDefaultUnauthenticatedPrincipal(String principal)
Set the default unauthenticated principal. |
void |
setSecurityManagerClassName(String className)
Set the name of the class that provides the security manager implementation. |
void |
setSecurityProxyFactoryClassName(String className)
Set the name of the class that provides the SecurityProxyFactory implementation. |
void |
setServerMode(boolean mode)
The SecurityAssociation server mode flag. |
protected void |
startService()
|
protected void |
stopService()
|
Methods inherited from class org.jboss.system.ServiceMBeanSupport |
---|
create, createService, destroy, destroyService, getDeploymentInfo, getLog, getName, getNextNotificationSequenceNumber, getObjectName, getServer, getServiceName, getState, getStateString, jbossInternalCreate, jbossInternalDescription, jbossInternalDestroy, jbossInternalLifecycle, jbossInternalStart, jbossInternalStop, postDeregister, postRegister, preDeregister, preRegister, start, stop |
Methods inherited from class org.jboss.mx.util.JBossNotificationBroadcasterSupport |
---|
addNotificationListener, getNotificationInfo, handleNotification, nextNotificationSequenceNumber, removeNotificationListener, removeNotificationListener, sendNotification |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface org.jboss.system.ServiceMBean |
---|
getName, getState, getStateString, jbossInternalLifecycle |
Methods inherited from interface org.jboss.system.Service |
---|
create, destroy, start, stop |
Constructor Detail |
---|
public JaasSecurityManagerService()
Method Detail |
---|
public boolean getServerMode()
JaasSecurityManagerServiceMBean
getServerMode
in interface JaasSecurityManagerServiceMBean
public void setServerMode(boolean mode)
JaasSecurityManagerServiceMBean
setServerMode
in interface JaasSecurityManagerServiceMBean
mode
- - A flag indicating if the SecurityAssociation.setServer
should be called on service startup.public String getSecurityManagerClassName()
JaasSecurityManagerServiceMBean
getSecurityManagerClassName
in interface JaasSecurityManagerServiceMBean
public void setSecurityManagerClassName(String className) throws ClassNotFoundException, ClassCastException
JaasSecurityManagerServiceMBean
setSecurityManagerClassName
in interface JaasSecurityManagerServiceMBean
ClassNotFoundException
- thrown if the className cannot be found
using the thread context class loader.
ClassCastException
- thrown if the className does not implement the
org.jboss.security.AuthenticationManager interface.public String getSecurityProxyFactoryClassName()
JaasSecurityManagerServiceMBean
getSecurityProxyFactoryClassName
in interface JaasSecurityManagerServiceMBean
public void setSecurityProxyFactoryClassName(String className) throws ClassNotFoundException
JaasSecurityManagerServiceMBean
setSecurityProxyFactoryClassName
in interface JaasSecurityManagerServiceMBean
ClassNotFoundException
public String getCallbackHandlerClassName()
getCallbackHandlerClassName
in interface JaasSecurityManagerServiceMBean
public void setCallbackHandlerClassName(String className) throws ClassNotFoundException
setCallbackHandlerClassName
in interface JaasSecurityManagerServiceMBean
ClassNotFoundException
CallbackHandler
public String getAuthenticationCacheJndiName()
getAuthenticationCacheJndiName
in interface JaasSecurityManagerServiceMBean
public void setAuthenticationCacheJndiName(String jndiName)
setAuthenticationCacheJndiName
in interface JaasSecurityManagerServiceMBean
jndiName
- the name to the ObjectFactory or CachePolicy binding.public int getDefaultCacheTimeout()
getDefaultCacheTimeout
in interface JaasSecurityManagerServiceMBean
public void setDefaultCacheTimeout(int timeoutInSecs)
setDefaultCacheTimeout
in interface JaasSecurityManagerServiceMBean
timeoutInSecs
- - the cache timeout in seconds.public int getDefaultCacheResolution()
getDefaultCacheResolution
in interface JaasSecurityManagerServiceMBean
public void setDefaultCacheResolution(int resInSecs)
setDefaultCacheResolution
in interface JaasSecurityManagerServiceMBean
resInSecs
- - resolution of timeouts in seconds.public boolean getDeepCopySubjectMode()
JaasSecurityManagerServiceMBean
getDeepCopySubjectMode
in interface JaasSecurityManagerServiceMBean
JaasSecurityManagerServiceMBean.getDeepCopySubjectMode()
public void setDeepCopySubjectMode(boolean flag)
JaasSecurityManagerServiceMBean
setDeepCopySubjectMode
in interface JaasSecurityManagerServiceMBean
JaasSecurityManagerServiceMBean.getDeepCopySubjectMode()
public void setCacheTimeout(String securityDomain, int timeoutInSecs, int resInSecs)
setCacheTimeout
in interface JaasSecurityManagerServiceMBean
securityDomain
- the name of the security domain cachetimeoutInSecs
- - the cache timeout in seconds.resInSecs
- - resolution of timeouts in seconds.public void flushAuthenticationCache(String securityDomain)
flushAuthenticationCache
in interface JaasSecurityManagerServiceMBean
securityDomain
- the name of the security domain cachepublic void flushAuthenticationCache(String securityDomain, Principal user)
flushAuthenticationCache
in interface JaasSecurityManagerServiceMBean
securityDomain
- the name of the security domain cacheuser
- the principal of the user to flushpublic List getAuthenticationCachePrincipals(String securityDomain)
getAuthenticationCachePrincipals
in interface JaasSecurityManagerServiceMBean
securityDomain
- the name of the security to lookup the cache for
public boolean isValid(String securityDomain, Principal principal, Object credential)
SecurityManagerMBean
isValid
in interface SecurityManagerMBean
securityDomain
- - the name of the security to useprincipal
- - the user identity in the operation environmentcredential
- - the proof of user identity as known in the
operation environment
public Principal getPrincipal(String securityDomain, Principal principal)
SecurityManagerMBean
getPrincipal
in interface SecurityManagerMBean
principal
- - the caller principal as known in the operation environment.
public boolean doesUserHaveRole(String securityDomain, Principal principal, Object credential, Set roles)
SecurityManagerMBean
doesUserHaveRole
in interface SecurityManagerMBean
securityDomain
- - the name of the security to useprincipal
- - the user identity in the operation environmentcredential
- - the proof of user identity as known in theroles
- - Setpublic Set getUserRoles(String securityDomain, Principal principal, Object credential)
SecurityManagerMBean
getUserRoles
in interface SecurityManagerMBean
securityDomain
- - the name of the security to useprincipal
- - the user identity in the operation environmentcredential
- - the proof of user identity as known in the
protected void startService() throws Exception
startService
in class org.jboss.system.ServiceMBeanSupport
Exception
protected void stopService() throws Exception
stopService
in class org.jboss.system.ServiceMBeanSupport
Exception
public void registerSecurityDomain(String securityDomain, SecurityDomain instance)
registerSecurityDomain
in interface JaasSecurityManagerServiceMBean
securityDomain
- the name of the security domaininstance
- the SecurityDomain instance to bindpublic String getDefaultUnauthenticatedPrincipal()
getDefaultUnauthenticatedPrincipal
in interface JaasSecurityManagerServiceMBean
public void setDefaultUnauthenticatedPrincipal(String principal)
setDefaultUnauthenticatedPrincipal
in interface JaasSecurityManagerServiceMBean
principal
- The principal name
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |