|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface Identity
API for authorization and authentication via Seam security.
Field Summary | |
---|---|
static String |
RESPONSE_LOGIN_EXCEPTION
|
static String |
RESPONSE_LOGIN_FAILED
|
static String |
RESPONSE_LOGIN_SUCCESS
|
Method Summary | |
---|---|
boolean |
addGroup(String name,
String groupType)
Adds the user to the specified group. |
boolean |
addRole(String role,
String group,
String groupType)
Adds a role to the authenticated user. |
void |
checkGroup(String group,
String groupType)
|
void |
checkPermission(Object resource,
String permission)
Checks if the currently authenticated user has the specified permission for the specified resource. |
void |
checkRestriction(String expr)
Performs an authorization check, based on the specified security expression string. |
void |
checkRole(String role,
String group,
String groupType)
Checks that the current authenticated user is a member of the specified role. |
void |
filterByPermission(Collection<?> collection,
String permission)
Filters a collection of objects by a specified action, by removing the objects from the collection for which the user doesn't have the necessary privileges to perform the specified action against that object. |
Class<? extends Authenticator> |
getAuthenticatorClass()
|
String |
getAuthenticatorName()
|
Set<org.picketlink.idm.api.Group> |
getGroups()
Returns an immutable set containing all the current user's group memberships |
Set<org.picketlink.idm.api.Role> |
getRoles()
Returns an immutable set containing all the current user's granted roles |
org.picketlink.idm.api.User |
getUser()
Returns the currently authenticated user |
boolean |
hasPermission(Object resource,
String permission)
Checks if the currently authenticated user has the necessary permission for a specific resource. |
boolean |
hasRole(String role,
String group,
String groupType)
Checks if the authenticated user is a member of the specified role. |
boolean |
inGroup(String name,
String groupType)
Checks if the authenticated user is a member of the specified group |
boolean |
isLoggedIn()
Simple check that returns true if the user is logged in, without attempting to authenticate |
boolean |
isVerified()
Returns true if the currently authenticated user has provided their correct credentials within the verification window configured by the application. |
String |
login()
Attempts to authenticate the user. |
void |
logout()
Logs out the currently authenticated user |
void |
quietLogin()
Attempts a quiet login, suppressing any login exceptions and not creating any faces messages. |
void |
removeGroup(String name,
String groupType)
Removes the currently authenticated user from the specified group |
void |
removeRole(String role,
String group,
String groupType)
Removes a role from the authenticated user |
void |
setAuthenticatorClass(Class<? extends Authenticator> authenticatorClass)
|
void |
setAuthenticatorName(String authenticatorName)
|
boolean |
tryLogin()
Will attempt to authenticate quietly if the user's credentials are set and they haven't authenticated already. |
Field Detail |
---|
static final String RESPONSE_LOGIN_SUCCESS
static final String RESPONSE_LOGIN_FAILED
static final String RESPONSE_LOGIN_EXCEPTION
Method Detail |
---|
@LoggedIn boolean isLoggedIn()
boolean isVerified()
boolean tryLogin()
org.picketlink.idm.api.User getUser()
void checkRestriction(String expr)
expr
- The security expression string to evaluate
NotLoggedInException
- Thrown if the authorization check fails and
the user is not authenticated
AuthorizationException
- Thrown if the authorization check fails and
the user is authenticatedString login()
void quietLogin()
void logout()
boolean hasRole(String role, String group, String groupType)
role
- String The name of the role to check
boolean addRole(String role, String group, String groupType)
role
- The name of the role to addboolean inGroup(String name, String groupType)
name
- The name of the groupgroupType
- The type of the group, e.g. "office", "department", "global role", etc
boolean addGroup(String name, String groupType)
name
- The name of the groupgroupType
- The type of the group
void removeGroup(String name, String groupType)
name
- The name of the groupgroupType
- The type of the groupvoid removeRole(String role, String group, String groupType)
role
- The name of the role to removevoid checkRole(String role, String group, String groupType)
role
- String The name of the role to check
AuthorizationException
- if the authenticated user is not a member of the rolevoid checkGroup(String group, String groupType)
group
- groupType
- void checkPermission(Object resource, String permission)
resource
- The resource for which the user wishes to perform a restricted actionpermission
- The name of the permission that the user requires to invoke the operation
NotLoggedInException
- if the current user is not authenticated
AuthorizationException
- if the current user does not have the necessary
permission for the specified resource object.void filterByPermission(Collection<?> collection, String permission)
collection
- The Collection to filteraction
- The name of the action to filter byboolean hasPermission(Object resource, String permission)
Set<org.picketlink.idm.api.Role> getRoles()
Set<org.picketlink.idm.api.Group> getGroups()
Class<? extends Authenticator> getAuthenticatorClass()
void setAuthenticatorClass(Class<? extends Authenticator> authenticatorClass)
String getAuthenticatorName()
void setAuthenticatorName(String authenticatorName)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |