|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.jboss.seam.security.Identity
@Name(value="org.jboss.seam.security.identity") @Scope(value=SESSION) @Install(precedence=0) @BypassInterceptors @Startup public class Identity
API for authorization and authentication via Seam security. This base implementation supports role-based authorization only. Subclasses may add more sophisticated permissioning mechanisms.
Field Summary | |
---|---|
static String |
EVENT_ALREADY_LOGGED_IN
|
static String |
EVENT_LOGGED_OUT
|
static String |
EVENT_LOGIN_FAILED
|
static String |
EVENT_LOGIN_SUCCESSFUL
|
static String |
EVENT_NOT_AUTHORIZED
|
static String |
EVENT_NOT_LOGGED_IN
|
static String |
EVENT_POST_AUTHENTICATE
|
static String |
EVENT_PRE_AUTHENTICATE
|
static String |
EVENT_QUIET_LOGIN
|
static String |
ROLES_GROUP
|
protected static boolean |
securityEnabled
|
Constructor Summary | |
---|---|
Identity()
|
Method Summary | |
---|---|
void |
acceptExternallyAuthenticatedPrincipal(Principal principal)
|
boolean |
addRole(String role)
Adds a role to the authenticated user. |
void |
authenticate()
|
protected void |
authenticate(LoginContext loginContext)
|
void |
create()
|
protected boolean |
evaluateExpression(String expr)
Evaluates the specified security expression, which must return a boolean value. |
void |
filterByPermission(Collection collection,
String action)
|
Expressions.MethodExpression |
getAuthenticateMethod()
|
Credentials |
getCredentials()
|
String |
getJaasConfigName()
|
protected LoginContext |
getLoginContext()
|
String |
getPassword()
Deprecated. |
Principal |
getPrincipal()
|
Subject |
getSubject()
|
String |
getUsername()
Deprecated. |
boolean |
hasPermission(Object target,
String action)
|
boolean |
hasPermission(String name,
String action,
Object... arg)
Performs a permission check for the specified name and action |
boolean |
hasRole(String role)
Checks if the authenticated user is a member of the specified role. |
void |
checkPermission(Object target,
String action)
|
void |
checkPermission(String name,
String action,
Object... arg)
Checks that the current authenticated user has permission for the specified name and action |
void |
checkRestriction(String expr)
Performs an authorization check, based on the specified security expression. |
void |
checkRole(String role)
Checks that the current authenticated user is a member of the specified role. |
static Identity |
instance()
|
boolean |
isLoggedIn()
Simple check that returns true if the user is logged in, without attempting to authenticate |
boolean |
isLoggedIn(boolean attemptLogin)
Deprecated. |
boolean |
isRememberMe()
Deprecated. |
static boolean |
isSecurityEnabled()
|
String |
login()
Attempts to authenticate the user. |
void |
logout()
|
protected void |
postAuthenticate()
Extracts the principal from the subject, and populates the roles of the authenticated user. |
protected void |
preAuthenticate()
Clears any roles added by calling addRole() while not authenticated. |
void |
quietLogin()
Attempts a quiet login, suppressing any login exceptions and not creating any faces messages. |
void |
removeRole(String role)
Removes a role from the authenticated user |
void |
setAuthenticateMethod(Expressions.MethodExpression authMethod)
|
void |
setJaasConfigName(String jaasConfigName)
|
void |
setPassword(String password)
Deprecated. |
void |
setRememberMe(boolean remember)
Deprecated. |
static void |
setSecurityEnabled(boolean enabled)
|
void |
setUsername(String username)
Deprecated. |
boolean |
tryLogin()
Will attempt to authenticate quietly if the user's credentials are set and they haven't authenticated already. |
void |
unAuthenticate()
Resets all security state and credentials |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String EVENT_LOGIN_SUCCESSFUL
public static final String EVENT_LOGIN_FAILED
public static final String EVENT_NOT_LOGGED_IN
public static final String EVENT_NOT_AUTHORIZED
public static final String EVENT_PRE_AUTHENTICATE
public static final String EVENT_POST_AUTHENTICATE
public static final String EVENT_LOGGED_OUT
public static final String EVENT_ALREADY_LOGGED_IN
public static final String EVENT_QUIET_LOGIN
protected static boolean securityEnabled
public static final String ROLES_GROUP
Constructor Detail |
---|
public Identity()
Method Detail |
---|
@Create public void create()
public static boolean isSecurityEnabled()
public static void setSecurityEnabled(boolean enabled)
public static Identity instance()
public boolean isLoggedIn()
public boolean tryLogin()
@Deprecated public boolean isLoggedIn(boolean attemptLogin)
public void acceptExternallyAuthenticatedPrincipal(Principal principal)
public Principal getPrincipal()
public Subject getSubject()
public void checkRestriction(String expr)
expr
- The security expression to evaluate
NotLoggedInException
- Thrown if the authorization check fails and
the user is not authenticated
AuthorizationException
- Thrown if the authorization check fails and
the user is authenticatedpublic String login()
public void quietLogin()
public void authenticate() throws LoginException
LoginException
protected void authenticate(LoginContext loginContext) throws LoginException
LoginException
protected void preAuthenticate()
protected void postAuthenticate()
public void unAuthenticate()
protected LoginContext getLoginContext() throws LoginException
LoginException
public void logout()
public boolean hasRole(String role)
role
- String The name of the role to check
public boolean addRole(String role)
role
- The name of the role to addpublic void removeRole(String role)
role
- The name of the role to removepublic void checkRole(String role)
role
- String The name of the role to check
AuthorizationException
- if the authenticated user is not a member of the rolepublic void checkPermission(String name, String action, Object... arg)
name
- String The permission nameaction
- String The permission actionarg
- Object Optional object parameter used to make a permission decision
AuthorizationException
- if the user does not have the specified permissionpublic void checkPermission(Object target, String action)
public boolean hasPermission(String name, String action, Object... arg)
name
- String The permission nameaction
- String The permission actionarg
- Object Optional object parameter used to make a permission decision
public void filterByPermission(Collection collection, String action)
public boolean hasPermission(Object target, String action)
protected boolean evaluateExpression(String expr)
expr
- String The expression to evaluate
@Deprecated public String getUsername()
Credentials.getUsername()
@Deprecated public void setUsername(String username)
Credentials.setUsername(String)
@Deprecated public String getPassword()
Credentials.getPassword()
@Deprecated public void setPassword(String password)
Credentials.setPassword(String)
@Deprecated public boolean isRememberMe()
RememberMe.isEnabled()
@Deprecated public void setRememberMe(boolean remember)
RememberMe.setEnabled(boolean)
public Credentials getCredentials()
public Expressions.MethodExpression getAuthenticateMethod()
public void setAuthenticateMethod(Expressions.MethodExpression authMethod)
public String getJaasConfigName()
public void setJaasConfigName(String jaasConfigName)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |