Package org.infinispan.security

Class Security

java.lang.Object

org.infinispan.security.Security

public final class Security
extends java.lang.Object

Security. A simple class to implement caller privileges without a security manager and a much faster implementations of the Subject.doAs(Subject, PrivilegedAction) and Subject.doAs(Subject, PrivilegedExceptionAction) when interaction with the AccessControlContext is not needed. N.B. this uses the caller's Package, this can easily be subverted by placing the calling code within the org.infinispan hierarchy. However for most purposes this is ok.

Since:

7.0

Author:

Tristan Tarrant

Constructor Summary

Constructors

Constructor	Description
Security()

Method Summary

Modifier and Type	Method	Description
static void	checkPermission(CachePermission permission)
static <T> T	doAs(javax.security.auth.Subject subject, java.security.PrivilegedAction<T> action)	A "lightweight" implementation of Subject.doAs(Subject, PrivilegedAction) which uses a ThreadLocal Subject instead of modifying the current AccessControlContext.
static <T> T	doAs(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction<T> action)	A "lightweight" implementation of Subject.doAs(Subject, PrivilegedExceptionAction) which uses a ThreadLocal Subject instead of modifying the current AccessControlContext.
static <T> T	doPrivileged(java.security.PrivilegedAction<T> action)
static <T> T	doPrivileged(java.security.PrivilegedExceptionAction<T> action)
static javax.security.auth.Subject	getSubject()	If using doAs(Subject, PrivilegedAction) or doAs(Subject, PrivilegedExceptionAction), returns the Subject associated with the current thread otherwise it returns the Subject associated with the current AccessControlContext
static java.security.Principal	getSubjectUserPrincipal(javax.security.auth.Subject s)	Returns the first principal of a subject which is not of type Group
static boolean	isPrivileged()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Security

public Security()

Method Detail

doPrivileged

public static <T> T doPrivileged(java.security.PrivilegedAction<T> action)

doPrivileged

public static <T> T doPrivileged(java.security.PrivilegedExceptionAction<T> action)
                          throws java.security.PrivilegedActionException

Throws:

java.security.PrivilegedActionException

doAs

public static <T> T doAs(javax.security.auth.Subject subject,
                         java.security.PrivilegedAction<T> action)

A "lightweight" implementation of Subject.doAs(Subject, PrivilegedAction) which uses a ThreadLocal Subject instead of modifying the current AccessControlContext.

See Also:

Subject.doAs(Subject, PrivilegedAction)

doAs

public static <T> T doAs(javax.security.auth.Subject subject,
                         java.security.PrivilegedExceptionAction<T> action)
                  throws java.security.PrivilegedActionException

A "lightweight" implementation of Subject.doAs(Subject, PrivilegedExceptionAction) which uses a ThreadLocal Subject instead of modifying the current AccessControlContext.

Throws:

java.security.PrivilegedActionException

See Also:

Subject.doAs(Subject, PrivilegedExceptionAction)

checkPermission

public static void checkPermission(CachePermission permission)
                            throws java.security.AccessControlException

Throws:

java.security.AccessControlException

isPrivileged

public static boolean isPrivileged()

getSubject

public static javax.security.auth.Subject getSubject()

If using doAs(Subject, PrivilegedAction) or doAs(Subject, PrivilegedExceptionAction), returns the Subject associated with the current thread otherwise it returns the Subject associated with the current AccessControlContext

getSubjectUserPrincipal

public static java.security.Principal getSubjectUserPrincipal(javax.security.auth.Subject s)

Returns the first principal of a subject which is not of type Group