SecurityManager


1   /*
2    * The contents of this file are subject to the terms 
3    * of the Common Development and Distribution License 
4    * (the License).  You may not use this file except in
5    * compliance with the License.
6    * 
7    * You can obtain a copy of the license at 
8    * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9    * glassfish/bootstrap/legal/CDDLv1.0.txt.
10   * See the License for the specific language governing 
11   * permissions and limitations under the License.
12   * 
13   * When distributing Covered Code, include this CDDL 
14   * Header Notice in each file and include the License file 
15   * at glassfish/bootstrap/legal/CDDLv1.0.txt.  
16   * If applicable, add the following below the CDDL Header, 
17   * with the fields enclosed by brackets [] replaced by
18   * you own identifying information: 
19   * "Portions Copyrighted [year] [name of copyright owner]"
20   * 
21   * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22   */
23  package com.sun.enterprise;
24  
25  import java.security.Principal  ;
26  import java.security.PrivilegedExceptionAction  ;
27  import java.lang.reflect.Method  ;
28  import com.sun.ejb.*;
29  import javax.security.auth.Subject  ;
30  import com.sun.enterprise.security.CachedPermission;
31  
32  /**
33   * This interface is used by the Container to manage access to EJBs.
34   * The container has a reference to an implementation of this 
35   * interface.
36   * @author Harish Prabandham
37   */
38  public interface SecurityManager {
39  
40      /**
41       * @param The Invocation object containing the details of the invocation.
42       * @return true if the client is allowed to invoke the EJB, false otherwise.
43       */
44      public boolean authorize(Invocation inv);
45  
46      /**
47       * @return The Principal of the client who made the current 
48       * invocation.
49       */
50      public Principal   getCallerPrincipal();
51  
52      /**
53       * @return A boolean true/false depending on whether or not the caller 
54       * has the specified role.
55       * @param The EJB developer specified "logical role".
56       */
57      public boolean isCallerInRole(String    role);
58  
59  
60      /** This sets up the security context - if not set
61       * and does run-as related login if required
62       * @param ComponentInvocation
63       */
64      public void preInvoke (ComponentInvocation inv);
65  
66      /**
67       * This method is used by the  Invocation Manager to remove
68       * the run-as identity information that was set up using the 
69       * preInvoke
70       * @param ComponentInvocation
71       */
72      public void postInvoke (ComponentInvocation inv);
73  
74      /**
75       * Call this method to clean up all the bookeeping
76       * data-structures in the SM.
77       */
78      public void destroy();
79  
80      /**
81       * This will return the subject associated with the current
82       * call. If the run as subject is in effect. It will return that
83       * subject. This is done to support the JACC specification which says
84       * if the runas principal is in effect, that principal should be used
85       * for making a component call.
86       * @return Subject the current subject. Null if this is not the
87       * runas case
88       */
89      public Subject   getCurrentSubject();
90      
91      /* This method is used by SecurityUtil runMethod to run the
92       * action as the subject encapsulated in the cuurent
93       * SecurityContext.
94       */
95        
96      public Object   doAsPrivileged(PrivilegedExceptionAction   pea) 
97      throws Throwable  ;
98       
99  }
100
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags