org.jboss.security
Interface SubjectSecurityManager

All Superinterfaces:
AuthenticationManager
All Known Subinterfaces:
SecurityDomain
All Known Implementing Classes:
NullSecurityManager

public interface SubjectSecurityManager
extends AuthenticationManager

An extension of the AuthenticationManager that adds the notion of the active Subject and security domain.

Version:
$Revision: 1.6.4.1 $
Author:
Scott.Stark@jboss.org

Method Summary
 Subject getActiveSubject()
          Get the currently authenticated subject.
 String getSecurityDomain()
          Get the security domain from which the security manager is from.
 boolean isValid(Principal principal, Object credential, Subject activeSubject)
          The isValid method is invoked to see if a user identity and associated credentials as known in the operational environment are valid proof of the user identity.
 
Methods inherited from interface org.jboss.security.AuthenticationManager
isValid
 

Method Detail

getSecurityDomain

public String getSecurityDomain()
Get the security domain from which the security manager is from. Every security manager belongs to a named domain. The meaning of the security domain name depends on the implementation. Examples range from as fine grained as the name of EJBs to J2EE application names to DNS domain names.

Returns:
the security domain name. May be null in which case the security manager belongs to the logical default domain.

getActiveSubject

public Subject getActiveSubject()
Get the currently authenticated subject. After a successful isValid() call, a SubjectSecurityManager has a Subject associated with the current thread. This Subject will typically contain the Principal passed to isValid as well as any number of additional Principals, and credentials. Note that although the Subject is local to the thread, its internal state may not be if there are multiple threads for the same principal active.

Returns:
The previously authenticated Subject if isValid succeeded, null if isValid failed or has not been called for the active thread.
See Also:
AuthenticationManager.isValid(Principal, Object), isValid(Principal, Object, Subject)

isValid

public boolean isValid(Principal principal,
                       Object credential,
                       Subject activeSubject)
The isValid method is invoked to see if a user identity and associated credentials as known in the operational environment are valid proof of the user identity. This extends AuthenticationManager version to provide a copy of the resulting authenticated Subject. This allows a caller to authenticate a user and obtain a Subject whose state cannot be modified by other threads associated with the same principal.

Returns:
true if the principal, credential pair is valid, false otherwise.


Copyright © 2002 JBoss Group, LLC. All Rights Reserved.