org.jboss.seam.security
Class Identity

java.lang.Object
  extended by org.jboss.seam.core.AbstractMutable
      extended by org.jboss.seam.core.Selector
          extended by org.jboss.seam.security.Identity
All Implemented Interfaces:
Serializable, Mutable
Direct Known Subclasses:
RuleBasedIdentity

@Name(value="org.jboss.seam.security.identity")
@Scope(value=SESSION)
@Install(precedence=0)
@Intercept(value=NEVER)
@Startup
public class Identity
extends Selector

See Also:
Serialized Form

Field Summary
static String ROLES_GROUP
           
 
Constructor Summary
Identity()
           
 
Method Summary
protected  void addLoginFailedMessage(LoginException ex)
           
protected  void addLoginSuccessfulMessage()
           
 boolean addRole(String role)
          Adds a role to the user's subject, and their security context
 void authenticate()
           
 void authenticate(LoginContext loginContext)
           
 void checkEntityPermission(Object entity, EntityAction action)
           
 void checkPermission(String name, String action, Object... arg)
          Assert that the current authenticated Identity has permission for the specified name and action
 void checkRestriction(String expr)
          Performs an authorization check, based on the specified security expression.
 void checkRole(String role)
          Assert that the current authenticated Identity is a member of the specified role.
 void create()
           
protected  boolean evaluateExpression(String expr)
          Evaluates the specified security expression, which must return a boolean value.
 Expressions.MethodBinding getAuthenticateMethod()
           
protected  String getCookieName()
          Override to define the cookie name
protected  CallbackHandler getDefaultCallbackHandler()
          Creates a callback handler that can handle a standard username/password callback, using the username and password properties.
 String getJaasConfigName()
           
protected  LoginContext getLoginContext()
           
protected  String getLoginFailedMessage()
           
protected  String getLoginFailedMessageKey()
           
protected  javax.faces.application.FacesMessage.Severity getLoginFailedMessageSeverity()
           
protected  String getLoginSuccessfulMessage()
           
protected  String getLoginSuccessfulMessageKey()
           
protected  javax.faces.application.FacesMessage.Severity getLoginSuccessfulMessageSeverity()
           
 String getPassword()
           
 Principal getPrincipal()
           
 Subject getSubject()
           
 String getUsername()
           
 boolean hasPermission(String name, String action, Object... arg)
          Performs a permission check for the specified name and action
 boolean hasRole(String role)
          Checks if the authenticated Identity is a member of the specified role.
static Identity instance()
           
 boolean isLoggedIn()
          If there is a principal set, then the user is logged in.
 boolean isRememberMe()
           
 String login()
           
 void logout()
           
protected  void postAuthenticate()
           
protected  void postRememberMe()
           
protected  void preAuthenticate()
           
 void removeRole(String role)
          Removes a role from the user's subject and their security context
 void setAuthenticateMethod(Expressions.MethodBinding authMethod)
           
 void setJaasConfigName(String jaasConfigName)
           
 void setPassword(String password)
           
 void setRememberMe(boolean remember)
           
 void setUsername(String username)
           
protected  void unAuthenticate()
          Removes all Role objects from the security context, removes the "Roles" group from the user's subject.
 
Methods inherited from class org.jboss.seam.core.Selector
getCookieMaxAge, getCookieValue, isCookieEnabled, setCookieEnabled, setCookieMaxAge, setCookieValue
 
Methods inherited from class org.jboss.seam.core.AbstractMutable
clearDirty, setDirty, setDirty
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ROLES_GROUP

public static final String ROLES_GROUP
See Also:
Constant Field Values
Constructor Detail

Identity

public Identity()
Method Detail

getCookieName

protected String getCookieName()
Description copied from class: Selector
Override to define the cookie name

Specified by:
getCookieName in class Selector

create

@Create
public void create()

postRememberMe

protected void postRememberMe()

instance

public static Identity instance()

isLoggedIn

public boolean isLoggedIn()
If there is a principal set, then the user is logged in.


getPrincipal

public Principal getPrincipal()

getSubject

public Subject getSubject()

checkRestriction

public void checkRestriction(String expr)
Performs an authorization check, based on the specified security expression.

Parameters:
expr - The security expression to evaluate
Throws:
NotLoggedInException - Thrown if the authorization check fails and the user is not authenticated
AuthorizationException - Thrown if the authorization check fails and the user is authenticated

login

public String login()

addLoginFailedMessage

protected void addLoginFailedMessage(LoginException ex)

getLoginFailedMessage

protected String getLoginFailedMessage()

getLoginFailedMessageSeverity

protected javax.faces.application.FacesMessage.Severity getLoginFailedMessageSeverity()

getLoginFailedMessageKey

protected String getLoginFailedMessageKey()

addLoginSuccessfulMessage

protected void addLoginSuccessfulMessage()

getLoginSuccessfulMessageSeverity

protected javax.faces.application.FacesMessage.Severity getLoginSuccessfulMessageSeverity()

getLoginSuccessfulMessage

protected String getLoginSuccessfulMessage()

getLoginSuccessfulMessageKey

protected String getLoginSuccessfulMessageKey()

authenticate

public void authenticate()
                  throws LoginException
Throws:
LoginException

authenticate

public void authenticate(LoginContext loginContext)
                  throws LoginException
Throws:
LoginException

preAuthenticate

protected void preAuthenticate()

postAuthenticate

protected void postAuthenticate()

unAuthenticate

protected void unAuthenticate()
Removes all Role objects from the security context, removes the "Roles" group from the user's subject.


getLoginContext

protected LoginContext getLoginContext()
                                throws LoginException
Throws:
LoginException

logout

public void logout()

hasRole

public boolean hasRole(String role)
Checks if the authenticated Identity is a member of the specified role.

Parameters:
role - String The name of the role to check
Returns:
boolean True if the user is a member of the specified role

addRole

public boolean addRole(String role)
Adds a role to the user's subject, and their security context

Parameters:
role - The name of the role to add

removeRole

public void removeRole(String role)
Removes a role from the user's subject and their security context

Parameters:
role - The name of the role to remove

checkRole

public void checkRole(String role)
Assert that the current authenticated Identity is a member of the specified role.

Parameters:
role - String The name of the role to check
Throws:
AuthorizationException - if not a member

checkPermission

public void checkPermission(String name,
                            String action,
                            Object... arg)
Assert that the current authenticated Identity has permission for the specified name and action

Parameters:
name - String The permission name
action - String The permission action
arg - Object Optional object parameter used to make a permission decision
Throws:
AuthorizationException - if the user does not have the specified permission

hasPermission

public boolean hasPermission(String name,
                             String action,
                             Object... arg)
Performs a permission check for the specified name and action

Parameters:
name - String The permission name
action - String The permission action
arg - Object Optional object parameter used to make a permission decision
Returns:
boolean True if the user has the specified permission

getDefaultCallbackHandler

protected CallbackHandler getDefaultCallbackHandler()
Creates a callback handler that can handle a standard username/password callback, using the username and password properties.


evaluateExpression

protected boolean evaluateExpression(String expr)
Evaluates the specified security expression, which must return a boolean value.

Parameters:
expr - String The expression to evaluate
Returns:
boolean The result of the expression evaluation

getUsername

public String getUsername()

setUsername

public void setUsername(String username)

getPassword

public String getPassword()

setPassword

public void setPassword(String password)

getAuthenticateMethod

public Expressions.MethodBinding getAuthenticateMethod()

setAuthenticateMethod

public void setAuthenticateMethod(Expressions.MethodBinding authMethod)

isRememberMe

public boolean isRememberMe()

setRememberMe

public void setRememberMe(boolean remember)

getJaasConfigName

public String getJaasConfigName()

setJaasConfigName

public void setJaasConfigName(String jaasConfigName)

checkEntityPermission

public void checkEntityPermission(Object entity,
                                  EntityAction action)