org.jboss.seam.security
Class Identity

java.lang.Object
  extended by org.jboss.seam.security.Identity
All Implemented Interfaces:
Serializable
Direct Known Subclasses:
RuleBasedIdentity

@Name(value="org.jboss.seam.security.identity")
@Scope(value=SESSION)
@Install(precedence=0)
@BypassInterceptors
@Startup
public class Identity
extends Object
implements Serializable

API for authorization and authentication via Seam security. This base implementation supports role-based authorization only. Subclasses may add more sophisticated permissioning mechanisms.

Author:
Shane Bryzak
See Also:
Serialized Form

Field Summary
static String EVENT_CREDENTIALS_UPDATED
           
static String EVENT_LOGGED_OUT
           
static String EVENT_LOGIN_FAILED
           
static String EVENT_LOGIN_SUCCESSFUL
           
static String EVENT_NOT_AUTHORIZED
           
static String EVENT_NOT_LOGGED_IN
           
static String EVENT_POST_AUTHENTICATE
           
static String EVENT_PRE_AUTHENTICATE
           
static String EVENT_REMEMBER_ME
           
static String ROLES_GROUP
           
protected static boolean securityEnabled
           
 
Constructor Summary
Identity()
           
 
Method Summary
 boolean addRole(String role)
          Adds a role to the user's subject and their security context.
 void authenticate()
           
 void authenticate(LoginContext loginContext)
           
 void checkEntityPermission(Object entity, EntityAction action)
           
 void checkPermission(String name, String action, Object... arg)
          Assert that the current authenticated Identity has permission for the specified name and action
 void checkRestriction(String expr)
          Performs an authorization check, based on the specified security expression.
 void checkRole(String role)
          Assert that the current authenticated Identity is a member of the specified role.
 void create()
           
protected  boolean evaluateExpression(String expr)
          Evaluates the specified security expression, which must return a boolean value.
 Expressions.MethodExpression getAuthenticateMethod()
           
protected  CallbackHandler getDefaultCallbackHandler()
          Creates a callback handler that can handle a standard username/password callback, using the username and password properties.
 String getJaasConfigName()
           
protected  LoginContext getLoginContext()
           
 String getPassword()
           
 Principal getPrincipal()
           
 Subject getSubject()
           
 String getUsername()
           
 boolean hasPermission(String name, String action, Object... arg)
          Performs a permission check for the specified name and action
 boolean hasRole(String role)
          Checks if the authenticated Identity is a member of the specified role.
static Identity instance()
           
 boolean isCredentialsSet()
           
 boolean isLoggedIn()
           
 boolean isLoggedIn(boolean attemptLogin)
           
 boolean isRememberMe()
           
static boolean isSecurityEnabled()
           
 String login()
           
 void logout()
           
protected  void postAuthenticate()
           
protected  void preAuthenticate()
           
 void quietLogin()
          Attempts a quiet login, suppressing any login exceptions and not creating any faces messages.
 void removeRole(String role)
          Removes a role from the user's subject and their security context
 void setAuthenticateMethod(Expressions.MethodExpression authMethod)
           
 void setJaasConfigName(String jaasConfigName)
           
 void setPassword(String password)
           
 void setRememberMe(boolean remember)
           
static void setSecurityEnabled(boolean enabled)
           
 void setUsername(String username)
           
protected  void unAuthenticate()
          Removes all Role objects from the security context and removes the "Roles" group from the user's subject.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

EVENT_LOGIN_SUCCESSFUL

public static final String EVENT_LOGIN_SUCCESSFUL
See Also:
Constant Field Values

EVENT_LOGIN_FAILED

public static final String EVENT_LOGIN_FAILED
See Also:
Constant Field Values

EVENT_NOT_LOGGED_IN

public static final String EVENT_NOT_LOGGED_IN
See Also:
Constant Field Values

EVENT_NOT_AUTHORIZED

public static final String EVENT_NOT_AUTHORIZED
See Also:
Constant Field Values

EVENT_PRE_AUTHENTICATE

public static final String EVENT_PRE_AUTHENTICATE
See Also:
Constant Field Values

EVENT_POST_AUTHENTICATE

public static final String EVENT_POST_AUTHENTICATE
See Also:
Constant Field Values

EVENT_LOGGED_OUT

public static final String EVENT_LOGGED_OUT
See Also:
Constant Field Values

EVENT_CREDENTIALS_UPDATED

public static final String EVENT_CREDENTIALS_UPDATED
See Also:
Constant Field Values

EVENT_REMEMBER_ME

public static final String EVENT_REMEMBER_ME
See Also:
Constant Field Values

securityEnabled

protected static boolean securityEnabled

ROLES_GROUP

public static final String ROLES_GROUP
See Also:
Constant Field Values
Constructor Detail

Identity

public Identity()
Method Detail

create

@Create
public void create()

isSecurityEnabled

public static boolean isSecurityEnabled()

setSecurityEnabled

public static void setSecurityEnabled(boolean enabled)

instance

public static Identity instance()

isLoggedIn

public boolean isLoggedIn()

isLoggedIn

public boolean isLoggedIn(boolean attemptLogin)

getPrincipal

public Principal getPrincipal()

getSubject

public Subject getSubject()

isCredentialsSet

public boolean isCredentialsSet()

checkRestriction

public void checkRestriction(String expr)
Performs an authorization check, based on the specified security expression.

Parameters:
expr - The security expression to evaluate
Throws:
NotLoggedInException - Thrown if the authorization check fails and the user is not authenticated
AuthorizationException - Thrown if the authorization check fails and the user is authenticated

login

public String login()

quietLogin

public void quietLogin()
Attempts a quiet login, suppressing any login exceptions and not creating any faces messages. This method is intended primarily as an internal API call; however, it has been made public for convenience.


authenticate

public void authenticate()
                  throws LoginException
Throws:
LoginException

authenticate

public void authenticate(LoginContext loginContext)
                  throws LoginException
Throws:
LoginException

preAuthenticate

protected void preAuthenticate()

postAuthenticate

protected void postAuthenticate()

unAuthenticate

protected void unAuthenticate()
Removes all Role objects from the security context and removes the "Roles" group from the user's subject.


getLoginContext

protected LoginContext getLoginContext()
                                throws LoginException
Throws:
LoginException

logout

public void logout()

hasRole

public boolean hasRole(String role)
Checks if the authenticated Identity is a member of the specified role.

Parameters:
role - String The name of the role to check
Returns:
boolean True if the user is a member of the specified role

addRole

public boolean addRole(String role)
Adds a role to the user's subject and their security context.

Parameters:
role - The name of the role to add

removeRole

public void removeRole(String role)
Removes a role from the user's subject and their security context

Parameters:
role - The name of the role to remove

checkRole

public void checkRole(String role)
Assert that the current authenticated Identity is a member of the specified role.

Parameters:
role - String The name of the role to check
Throws:
AuthorizationException - if the current Identity is not a member of the specified role

checkPermission

public void checkPermission(String name,
                            String action,
                            Object... arg)
Assert that the current authenticated Identity has permission for the specified name and action.

Parameters:
name - String The permission name
action - String The permission action
arg - Object Optional object parameter used to make a permission decision
Throws:
AuthorizationException - if the user does not have the specified permission

hasPermission

public boolean hasPermission(String name,
                             String action,
                             Object... arg)
Performs a permission check for the specified name and action.

Parameters:
name - String The permission name
action - String The permission action
arg - Object Optional object parameter used to make a permission decision
Returns:
boolean True if the user has the specified permission

getDefaultCallbackHandler

protected CallbackHandler getDefaultCallbackHandler()
Creates a callback handler that can handle a standard username/password callback, using the username and password properties.


evaluateExpression

protected boolean evaluateExpression(String expr)
Evaluates the specified security expression, which must return a boolean value.

Parameters:
expr - String The expression to evaluate
Returns:
boolean The result of the expression evaluation

getUsername

public String getUsername()

setUsername

public void setUsername(String username)

getPassword

public String getPassword()

setPassword

public void setPassword(String password)

getAuthenticateMethod

public Expressions.MethodExpression getAuthenticateMethod()

setAuthenticateMethod

public void setAuthenticateMethod(Expressions.MethodExpression authMethod)

isRememberMe

public boolean isRememberMe()

setRememberMe

public void setRememberMe(boolean remember)

getJaasConfigName

public String getJaasConfigName()

setJaasConfigName

public void setJaasConfigName(String jaasConfigName)

checkEntityPermission

public void checkEntityPermission(Object entity,
                                  EntityAction action)