<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- NewPage -->
<html lang="en">
<head>
<title>SecurityContext</title>
<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
<script type="text/javascript" src="../../../script.js"></script>
</head>
<body>
<script type="text/javascript"><!--
// Copy this page's title onto the parent window's document (the frameset,
// when the page is displayed in frames), unless the URL marks the page as
// opened via an external link ('is-external=true').
try {
    if (location.href.indexOf('is-external=true') < 0) {
        parent.document.title = "SecurityContext";
    }
} catch (err) {
    // Best effort: any error raised above is deliberately ignored, so a
    // parent document that cannot be read or written leaves the page usable.
}
//-->
// Globals describing the tabbed "Method Summary" table further down the page.
// The tab links call show(), which is not defined in this file (presumably it
// lives in the external script.js and reads these globals; confirm there).
var methods = {              // summary row id -> numeric flags for that row
        "i0": 6,
        "i1": 6,
        "i2": 6,
        "i3": 6,
        "i4": 6
    },
    tabs = {                 // tab key -> [caption span id, tab label]
        65535: ["t0", "All Methods"],
        2: ["t2", "Instance Methods"],
        4: ["t3", "Abstract Methods"]
    },
    altColor = "altColor",               // CSS classes used on the summary rows
    rowColor = "rowColor",
    tableTab = "tableTab",               // CSS classes used on the caption tabs
    activeTableTab = "activeTableTab";
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a name="navbar.top">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a name="navbar.top.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../index-all.html">Index</a></li>
<li><a href="../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../javax/security/enterprise/CallerPrincipal.html" title="class in javax.security.enterprise"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
<li>Next&nbsp;Class</li>
</ul>
<ul class="navList">
<li><a href="../../../index.html?javax/security/enterprise/SecurityContext.html" target="_top">Frames</a></li>
<li><a href="SecurityContext.html" target="_top">No&nbsp;Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
// Show the top "All Classes" link only when this page is the top-level
// window; hide it when the page is displayed inside another frame.
// This is a display toggle only and does not stop the page being framed.
allClassesLink = document.getElementById("allclasses_navbar_top");
allClassesLink.style.display = (window == top) ? "block" : "none";
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a name="skip.navbar.top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
<!-- ======== START OF CLASS DATA ======== -->
<div class="header">
<div class="subTitle">javax.security.enterprise</div>
<h2 title="Interface SecurityContext" class="title">Interface SecurityContext</h2>
</div>
<div class="contentContainer">
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Known Implementing Classes:</dt>
<dd><a href="../../../org/apache/tomee/security/TomEESecurityContext.html" title="class in org.apache.tomee.security">TomEESecurityContext</a></dd>
</dl>
<hr>
<br>
<pre>public interface <span class="typeNameLabel">SecurityContext</span></pre>
<div class="block">The SecurityContext provides an access point for programmatic security; an injectable type that is intended to be
used by application code to query and interact with the Java EE Security API.
<p>
Unless otherwise indicated, this type must be usable in all Java EE containers, specifically the Servlet
and EJB containers.</div>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method.summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code><a href="../../../javax/security/enterprise/AuthenticationStatus.html" title="enum in javax.security.enterprise">AuthenticationStatus</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#authenticate-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters-">authenticate</a></span>(<a href="../../../javax/servlet/http/HttpServletRequest.html" title="interface in javax.servlet.http">HttpServletRequest</a>&nbsp;request,
<a href="../../../javax/servlet/http/HttpServletResponse.html" title="interface in javax.servlet.http">HttpServletResponse</a>&nbsp;response,
<a href="../../../javax/security/enterprise/authentication/mechanism/http/AuthenticationParameters.html" title="class in javax.security.enterprise.authentication.mechanism.http">AuthenticationParameters</a>&nbsp;parameters)</code>
<div class="block">Signal to the container (programmatically trigger) that it should start or continue a web/HTTP based authentication dialog with
the caller.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>java.security.Principal</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#getCallerPrincipal--">getCallerPrincipal</a></span>()</code>
<div class="block">Retrieve the platform-specific <code>java.security.Principal</code> that represents
the name of the authenticated caller, or null if the current caller is not authenticated.</div>
</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>&lt;T extends java.security.Principal&gt;<br>java.util.Set&lt;T&gt;</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#getPrincipalsByType-java.lang.Class-">getPrincipalsByType</a></span>(java.lang.Class&lt;T&gt;&nbsp;pType)</code>
<div class="block">Retrieve all Principals of the given type from the authenticated caller's Subject,
or an empty set if the current caller is not authenticated, or if the specified type
isn't found in the Subject.</div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#hasAccessToWebResource-java.lang.String-java.lang.String...-">hasAccessToWebResource</a></span>(java.lang.String&nbsp;resource,
java.lang.String...&nbsp;methods)</code>
<div class="block">Checks whether the caller has access to the provided "web resource" using the given methods,
as specified by section 13.8 of the Servlet specification.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#isCallerInRole-java.lang.String-">isCallerInRole</a></span>(java.lang.String&nbsp;role)</code>
<div class="block">Checks whether the authenticated caller is included in the specified logical <em>application</em> "role".</div>
</td>
</tr>
</table>
</li>
</ul>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method.detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a name="getCallerPrincipal--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getCallerPrincipal</h4>
<pre>java.security.Principal&nbsp;getCallerPrincipal()</pre>
<div class="block">Retrieve the platform-specific <code>java.security.Principal</code> that represents
the name of the authenticated caller, or null if the current caller is not authenticated.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Principal representing the name of the current authenticated user, or null if not authenticated.</dd>
</dl>
</li>
</ul>
<a name="getPrincipalsByType-java.lang.Class-">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getPrincipalsByType</h4>
<pre>&lt;T extends java.security.Principal&gt;&nbsp;java.util.Set&lt;T&gt;&nbsp;getPrincipalsByType(java.lang.Class&lt;T&gt;&nbsp;pType)</pre>
<div class="block">Retrieve all Principals of the given type from the authenticated caller's Subject,
or an empty set if the current caller is not authenticated, or if the specified type
isn't found in the Subject.
<p>
This can be used to retrieve application-specific
Principals when the platform's representation of the caller uses a different principal type.
<p>
The returned Set is not backed by the Subject's internal Principal Set.
A new Set is created and returned for each method invocation.
Modifications to the returned Set will not affect the internal Principal Set.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>pType</code> - Class object representing the type of Principal to return.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>Set of Principals of the given type, or an empty set.</dd>
</dl>
</li>
</ul>
<a name="isCallerInRole-java.lang.String-">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isCallerInRole</h4>
<pre>boolean&nbsp;isCallerInRole(java.lang.String&nbsp;role)</pre>
<div class="block">Checks whether the authenticated caller is included in the specified logical <em>application</em> "role".
If the caller is not authenticated, this always returns <code>false</code>.
<p>
This method <em>can not</em> be used to test for roles that are mapped to specific named Servlets or
named EJB beans. For a Servlet an example of this would be the <code>role-name</code> nested in a
<code>security-role-ref</code> element nested in a <code>servlet</code> element in <code>web.xml</code>.
<p>
Should code in either such Servlet or EJB bean wish to take such mapped (aka referenced, linked) roles into
account, the facilities for that specific container should be used instead. For instance for Servlet that would
be <a href="../../../javax/servlet/http/HttpServletRequest.html#isUserInRole-java.lang.String-"><code>HttpServletRequest.isUserInRole(String)</code></a> and for EJB beans that would be
<a href="../../../javax/ejb/EJBContext.html#isCallerInRole-java.lang.String-"><code>EJBContext.isCallerInRole(String)</code></a>.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>role</code> - a <code>String</code> specifying the name of the logical application role</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if the authenticated caller is in the given role, <code>false</code> if the caller is not authenticated or
is not in the given role.</dd>
</dl>
</li>
</ul>
<a name="hasAccessToWebResource-java.lang.String-java.lang.String...-">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>hasAccessToWebResource</h4>
<pre>boolean&nbsp;hasAccessToWebResource(java.lang.String&nbsp;resource,
java.lang.String...&nbsp;methods)</pre>
<div class="block">Checks whether the caller has access to the provided "web resource" using the given methods,
as specified by section 13.8 of the Servlet specification.
<p>
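A caller has access if the web resource is either not protected (constrained), or is protected by a role
and the caller is in that role. Because an unprotected resource also yields <code>true</code>, a <code>true</code> result
does not by itself show that the caller is authenticated.</div>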
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>resource</code> - the name of the web resource to test access for. This is a <code>URLPatternSpec</code> that
identifies the application specific web resources to which the permission pertains. For a full specification of this
pattern see <code>javax.security.jacc.WebResourcePermission#WebResourcePermission(String, String)</code>.</dd>
<dd><code>methods</code> - one or more HTTP methods to check; the test is whether the caller has access to the web resource using one of those methods.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if the caller has access to the web resource using one of the given methods, <code>false</code> otherwise.</dd>
</dl>
</li>
</ul>
<a name="authenticate-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters-">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>authenticate</h4>
<pre><a href="../../../javax/security/enterprise/AuthenticationStatus.html" title="enum in javax.security.enterprise">AuthenticationStatus</a>&nbsp;authenticate(<a href="../../../javax/servlet/http/HttpServletRequest.html" title="interface in javax.servlet.http">HttpServletRequest</a>&nbsp;request,
<a href="../../../javax/servlet/http/HttpServletResponse.html" title="interface in javax.servlet.http">HttpServletResponse</a>&nbsp;response,
<a href="../../../javax/security/enterprise/authentication/mechanism/http/AuthenticationParameters.html" title="class in javax.security.enterprise.authentication.mechanism.http">AuthenticationParameters</a>&nbsp;parameters)</pre>
<div class="block">Signal to the container (programmatically trigger) that it should start or continue a web/HTTP based authentication dialog with
the caller.
<p>
Programmatically triggering means that the container responds as if the caller had attempted to access a constrained resource
and acts by invoking a configured authentication mechanism (such as the <a href="../../../javax/security/enterprise/authentication/mechanism/http/HttpAuthenticationMechanism.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpAuthenticationMechanism</code></a>).
<p>
Whether the authentication dialog is to be started or continued depends on the (logical) state of the authentication dialog. If
such dialog is currently in progress, a call to this method will continue it. If such dialog is not in progress a new one will be
started. A new dialog can be forced to be started regardless of one being in progress or not by providing a value of
<code>true</code> for the <a href="../../../javax/security/enterprise/authentication/mechanism/http/AuthenticationParameters.html#newAuthentication"><code>AuthenticationParameters.newAuthentication</code></a> parameter with this call.
<p>
This method requires an <a href="../../../javax/servlet/http/HttpServletRequest.html" title="interface in javax.servlet.http"><code>HttpServletRequest</code></a> and <a href="../../../javax/servlet/http/HttpServletResponse.html" title="interface in javax.servlet.http"><code>HttpServletResponse</code></a> argument to be passed in, and
can therefore only be used in a valid Servlet context.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>request</code> - The <code>HttpServletRequest</code> associated with the current web resource invocation.</dd>
<dd><code>response</code> - The <code>HttpServletResponse</code> associated with the given <code>HttpServletRequest</code>.</dd>
<dd><code>parameters</code> - The parameters that are provided along with a programmatic authentication request, for instance the credentials
collected by the application for continuing an authentication dialog.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>The state of the authentication mechanism after being triggered by this call</dd>
</dl>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>
<!-- ========= END OF CLASS DATA ========= -->
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a name="navbar.bottom">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a name="navbar.bottom.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../index-all.html">Index</a></li>
<li><a href="../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../javax/security/enterprise/CallerPrincipal.html" title="class in javax.security.enterprise"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
<li>Next&nbsp;Class</li>
</ul>
<ul class="navList">
<li><a href="../../../index.html?javax/security/enterprise/SecurityContext.html" target="_top">Frames</a></li>
<li><a href="SecurityContext.html" target="_top">No&nbsp;Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
// Show the bottom "All Classes" link only when this page is the top-level
// window; hide it when the page is displayed inside another frame.
// This is a display toggle only and does not stop the page being framed.
allClassesLink = document.getElementById("allclasses_navbar_bottom");
allClassesLink.style.display = (window == top) ? "block" : "none";
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a name="skip.navbar.bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
</body>
</html>