org.apache.cxf.interceptor.security
Class DefaultSecurityContext
java.lang.Object
org.apache.cxf.interceptor.security.DefaultSecurityContext
- All Implemented Interfaces:
- LoginSecurityContext, SecurityContext
public class DefaultSecurityContext
- extends Object
- implements LoginSecurityContext
SecurityContext which implements isUserInRole using the
following approach : skip the first Subject principal, and then checks
Groups the principal is a member of
TODO : consider moving this class into a rt-core-security module
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
DefaultSecurityContext
public DefaultSecurityContext(Subject subject)
DefaultSecurityContext
public DefaultSecurityContext(Principal p,
Subject subject)
getUserPrincipal
public Principal getUserPrincipal()
- Specified by:
getUserPrincipal
in interface SecurityContext
isUserInRole
public boolean isUserInRole(String role)
- Specified by:
isUserInRole
in interface SecurityContext
checkGroup
protected boolean checkGroup(Group group,
String role)
getSubject
public Subject getSubject()
- Description copied from interface:
LoginSecurityContext
- Returns the Subject representing the current authenticated user.
- Specified by:
getSubject
in interface LoginSecurityContext
- Returns:
- the subject
getUserRoles
public Set<Principal> getUserRoles()
- Description copied from interface:
LoginSecurityContext
- Returns a set of Principals representing the roles
assigned to the current authenticated user Principal
- Specified by:
getUserRoles
in interface LoginSecurityContext
- Returns:
- the roles
Apache CXF