Authentication


1   package org.jbpm.security;
2   
3   import org.jbpm.JbpmConfiguration;
4   import org.jbpm.security.authenticator.Authenticator;
5   import org.jbpm.security.authenticator.JbpmDefaultAuthenticator;
6   
7   /**
8    * provides central access point to the configurable authentication.
9    * 
10   * <p>
11   * Authentication (knowing which user is running this code) is outside the 
12   * scope of jBPM.  It is assumed that the environment in which jBPM executes
13   * has already performed authentication and hence knows who is running the 
14   * code.
15   * </p>
16   * <p>
17   * The implementations that can be plugged into this by configuring 
18   * an {@link org.jbpm.security.authenticator.Authenticator} implementation 
19   * in the jbpm.properties.  To configure another authenticator then the default 
20   * one, specify the fully qualified class name in the property 'jbpm.authenticator'.
21   * </p>
22   * <p>The default is 
23   * {@link org.jbpm.security.authenticator.JbpmDefaultAuthenticator}.  That 
24   * authenticator assumes that the user calls {@link #pushAuthenticatedActorId(String)}
25   * and {@link #popAuthenticatedActorId()} in a try-finally block around the 
26   * the jbpm API invocations.  For web applications, there is a filter 
27   * ({@link org.jbpm.security.filter.JbpmAuthenticationFilter})that calls these 
28   * methods based on the httpServletRequest.getUserPrincipal().getName();  
29   * </p>
30   * <p>Other authentication implementation include : 
31   * <ul>
32   *   <li>{@link org.jbpm.security.authenticator.JBossAuthenticator} that looks 
33   *   up the currently authenticated user from the JBoss SecurityAssociation.</li>
34   *   <li>{@link org.jbpm.security.authenticator.SubjectAuthenticator} that looks 
35   *   up the currently authenticated user from the current subject with 
36   *   Subject.getSubject(...).</li>
37   * </ul>
38   * </p>
39   */
40  public abstract class Authentication {
41    
42    // pluggable authentication /////////////////////////////////////////////////
43  
44    protected static Authenticator authenticator = (Authenticator) JbpmConfiguration.getObject("jbpm.authenticator", new JbpmDefaultAuthenticator());
45  
46    /**
47     * central method to look up the currently authenticated swimlaneActorId.
48     * (currently means relative to the current thread).
49     * This method delegates the current swimlaneActorId lookup to a configurable 
50     * {@link Authenticator}.   
51     */
52    public static String   getAuthenticatedActorId() {
53      return authenticator.getAuthenticatedActorId();
54    }
55    
56    // jbpm's default authentication convenience methods ////////////////////////
57  
58    /**
59     * conventience method for setting the authenticated swimlaneActorId for the 
60     * jbpm default authentication mechanism.  Always use this method in 
61     * a try-finally block with {@link #popAuthenticatedActorId()} in the 
62     * finally block. 
63     * @see JbpmDefaultAuthenticator
64     */
65    public static void pushAuthenticatedActorId(String   actorId) {
66      JbpmDefaultAuthenticator.pushAuthenticatedActorId(actorId);
67    }
68    
69    /**
70     * conventience method for ending the authenticated section for the 
71     * jbpm default authentication mechanism.  Always use this method in 
72     * a finally block with {@link #pushAuthenticatedActorId(String)} in the 
73     * try block. 
74     * @see JbpmDefaultAuthenticator
75     */
76    public static void popAuthenticatedActorId() {
77      JbpmDefaultAuthenticator.popAuthenticatedActorId();
78    }
79  }
80
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags