org.openejb.spi
Interface SecurityService

All Superinterfaces:
Service
All Known Implementing Classes:
PseudoSecurityService

public interface SecurityService
extends Service


Method Summary
 java.lang.Object getSecurityIdentity()
           
 boolean isCallerAuthorized(java.lang.Object securityIdentity, java.lang.String[] roleNames)
          Check if securityIdentity is authorized to perform the specified action.
 void setSecurityIdentity(java.lang.Object securityIdentity)
           
 java.lang.Object translateTo(java.lang.Object securityIdentity, java.lang.Class type)
          Attempts to convert an opaque securityIdentity to a concrete target type.
 
Methods inherited from interface org.openejb.spi.Service
init
 

Method Detail

isCallerAuthorized

boolean isCallerAuthorized(java.lang.Object securityIdentity,
                           java.lang.String[] roleNames)
Check if securityIdentity is authorized to perform the specified action. This is currently used by OpenEJB to check if a caller is authorized to to assume at least one of a collection of roles, the roles authorized for a particular method of a particular deployment.


translateTo

java.lang.Object translateTo(java.lang.Object securityIdentity,
                             java.lang.Class type)
Attempts to convert an opaque securityIdentity to a concrete target type. This is currently used to obtain an java.security.Princiapl type which must be returned by OpenEJB when a bean invokes EJBContext.getCallerPrincipal(). Conversion to a Principal type must be supported. It may also be used by JCX connectors to obtain the JAAS Subject of the caller, support for translation to Subject type is currently optional.


setSecurityIdentity

void setSecurityIdentity(java.lang.Object securityIdentity)

getSecurityIdentity

java.lang.Object getSecurityIdentity()


Copyright © 1999-2011 OpenEJB. All Rights Reserved.