Apache CXF API

org.apache.cxf.interceptor.security
Class DefaultSecurityContext

java.lang.Object
  extended by org.apache.cxf.interceptor.security.DefaultSecurityContext
All Implemented Interfaces:
LoginSecurityContext, SecurityContext

public class DefaultSecurityContext
extends Object
implements LoginSecurityContext

SecurityContext which implements isUserInRole using the following approach : skip the first Subject principal, and then checks Groups the principal is a member of TODO : consider moving this class into a rt-core-security module


Constructor Summary
DefaultSecurityContext(Principal p, Subject subject)
           
DefaultSecurityContext(String principalName, Subject subject)
           
DefaultSecurityContext(Subject subject)
           
 
Method Summary
protected  boolean checkGroup(Group group, String role)
           
 Subject getSubject()
          Returns the Subject representing the current authenticated user.
 Principal getUserPrincipal()
           
 Set<Principal> getUserRoles()
          Returns a set of Principals representing the roles assigned to the current authenticated user Principal
 boolean isUserInRole(String role)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultSecurityContext

public DefaultSecurityContext(Subject subject)

DefaultSecurityContext

public DefaultSecurityContext(String principalName,
                              Subject subject)

DefaultSecurityContext

public DefaultSecurityContext(Principal p,
                              Subject subject)
Method Detail

getUserPrincipal

public Principal getUserPrincipal()
Specified by:
getUserPrincipal in interface SecurityContext

isUserInRole

public boolean isUserInRole(String role)
Specified by:
isUserInRole in interface SecurityContext

checkGroup

protected boolean checkGroup(Group group,
                             String role)

getSubject

public Subject getSubject()
Description copied from interface: LoginSecurityContext
Returns the Subject representing the current authenticated user.

Specified by:
getSubject in interface LoginSecurityContext
Returns:
the subject

getUserRoles

public Set<Principal> getUserRoles()
Description copied from interface: LoginSecurityContext
Returns a set of Principals representing the roles assigned to the current authenticated user Principal

Specified by:
getUserRoles in interface LoginSecurityContext
Returns:
the roles

Apache CXF API

Apache CXF