|
ModeShape Distribution 3.0.0.Beta4 | |||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||
See:
Description
| Interface Summary | |
|---|---|
| AuthenticationProvider | An interface used by a ModeShape Repository for authenticating users when they create new sessions
using Repository.login(javax.jcr.Credentials, String) and related methods. |
| AuthorizationProvider | An interface that can authorize access to specific resources within repositories. |
| JaasProvider.SubjectResolver | An extension point for the JaasProvider class that allows for custom logic for finding the current JAAS Subject, if not
already available via the Subject.getSubject(AccessController.getContext()) method. |
| SecurityContext | A security context provides a pluggable means to support disparate authentication and authorization mechanisms that specify the user name and roles. |
| Class Summary | |
|---|---|
| AnonymousProvider | An implementation of AuthenticationProvider that allows for anonymous authentication and role-based
authorization of a supplied set of allowed roles. |
| AuthenticationProviders | An implementation of AuthenticationProvider that represents an ordered list of other AuthenticationProvider
implementations. |
| JaasProvider | An implementation of AuthenticationProvider that uses a supplied JAAS policy to perform all authentication and
role-based authorization. |
| JaasSecurityContext | JAAS-based security context that provides authentication and authorization through the JAAS
login context. |
| JaasSecurityContext.UserPasswordCallbackHandler | A simple callback handler implementation that attempts to provide a user ID and password to any
callbacks that it handles. |
| JaccSubjectResolver | A class that can resolve the current JAAS Subject using the JACC API. |
| ServletProvider | An implementation of AuthenticationProvider that delegates to the HttpServletRequest referenced by the supplied
ServletCredentials instances for all authentication and role-based authorization. |
| ServletProvider.ServletSecurityContext | |
ModeShape JCR repositories have a pluggable authentication and authorization framework. Out of the box, each repository is configured to support authenticating and authorizing using JAAS, HTTP servlet (if the servlet library is on the classpath), and (if configured) anonymous logins. In addition, Each repository can also be configured with customzied authenticators.
Creating a custom authenticator is a matter of properly implementing AuthenticationProvider
and configuring the repository to use that class. Each authenticator is responsible for authenticating the supplied
Credentials and returning an ExecutionContext that will represent the user, including
its embedded SecurityContext (for simple role-based authorization) or AuthorizationProvider (for a combination of path- and role-based authorization).
|
ModeShape Distribution 3.0.0.Beta4 | |||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||