org.openejb.spi
Interface SecurityService
- All Superinterfaces:
- Service
- All Known Implementing Classes:
- PseudoSecurityService
public interface SecurityService
- extends Service
Method Summary |
java.lang.Object |
getSecurityIdentity()
|
boolean |
isCallerAuthorized(java.lang.Object securityIdentity,
java.lang.String[] roleNames)
Check if securityIdentity is authorized to perform the specified action. |
void |
setSecurityIdentity(java.lang.Object securityIdentity)
|
java.lang.Object |
translateTo(java.lang.Object securityIdentity,
java.lang.Class type)
Attempts to convert an opaque securityIdentity to a concrete target type. |
Methods inherited from interface org.openejb.spi.Service |
init |
isCallerAuthorized
boolean isCallerAuthorized(java.lang.Object securityIdentity,
java.lang.String[] roleNames)
- Check if securityIdentity is authorized to perform the specified action.
This is currently used by OpenEJB to check if a caller is authorized to
to assume at least one of a collection of roles, the roles authorized for
a particular method of a particular deployment.
translateTo
java.lang.Object translateTo(java.lang.Object securityIdentity,
java.lang.Class type)
- Attempts to convert an opaque securityIdentity to a concrete target type.
This is currently used to obtain an java.security.Princiapl type which
must be returned by OpenEJB when a bean invokes EJBContext.getCallerPrincipal().
Conversion to a Principal type must be supported.
It may also be used by JCX connectors to obtain the JAAS Subject of the caller,
support for translation to Subject type is currently optional.
setSecurityIdentity
void setSecurityIdentity(java.lang.Object securityIdentity)
getSecurityIdentity
java.lang.Object getSecurityIdentity()
Copyright © 1999-2011 OpenEJB. All Rights Reserved.