| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!-- NewPage --> |
| <html lang="en"> |
| <head> |
| <title>SecurityContext</title> |
| <link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style"> |
| <script type="text/javascript" src="../../../script.js"></script> |
| |
| <link rel="shortcut icon" href="/img/jakarta-favicon.ico"> |
| </head> |
| <body> |
| <script type="text/javascript"><!-- |
| try { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="SecurityContext"; |
| } |
| } |
| catch(err) { |
| } |
| //--> |
| var methods = {"i0":6,"i1":6,"i2":6,"i3":6,"i4":6}; |
| var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"]}; |
| var altColor = "altColor"; |
| var rowColor = "rowColor"; |
| var tableTab = "tableTab"; |
| var activeTableTab = "activeTableTab"; |
| </script> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <div class="header"> |
| <div class="subTitle">javax.security.enterprise</div> |
| <h2 title="Interface SecurityContext" class="title">Interface SecurityContext</h2> |
| </div> |
| <div class="contentContainer"> |
| <div class="description"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <hr> |
| <br> |
| <pre>public interface <span class="typeNameLabel">SecurityContext</span></pre> |
| <div class="block">The SecurityContext provides an access point for programmatic security; an injectable type that is intended to be |
| used by application code to query and interact with Jakarta Security. |
| |
| <p> |
| Unless otherwise indicated, this type must be usable in all Jakarta EE containers, specifically the Jakarta Servlet |
| and Jakarta Enterprise Beans containers.</div> |
| <dl> |
| <dt><span class="simpleTagLabel">Examples (en):</span></dt> |
| <dd><a href="../../../../../../tomee-8.0/examples/security-tomcat-user-identitystore.html">security-tomcat-user-identitystore</a></dd> |
| </dl> |
| </li> |
| </ul> |
| </div> |
| <div class="summary"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ========== METHOD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.summary"> |
| <!-- --> |
| </a> |
| <h3>Method Summary</h3> |
| <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation"> |
| <caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd"> </span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd"> </span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd"> </span></span></caption> |
| <tr> |
| <th class="colFirst" scope="col">Modifier and Type</th> |
| <th class="colLast" scope="col">Method and Description</th> |
| </tr> |
| <tr id="i0" class="altColor"> |
| <td class="colFirst"><code><a href="../../../javax/security/enterprise/AuthenticationStatus.html" title="enum in javax.security.enterprise">AuthenticationStatus</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#authenticate-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters-">authenticate</a></span>(<a href="../../../javax/servlet/http/HttpServletRequest.html" title="interface in javax.servlet.http">HttpServletRequest</a> request, |
| <a href="../../../javax/servlet/http/HttpServletResponse.html" title="interface in javax.servlet.http">HttpServletResponse</a> response, |
| <a href="../../../javax/security/enterprise/authentication/mechanism/http/AuthenticationParameters.html" title="class in javax.security.enterprise.authentication.mechanism.http">AuthenticationParameters</a> parameters)</code> |
| <div class="block">Signal to the container (programmatically trigger) that it should start or continue a web/HTTP based authentication dialog with |
| the caller.</div> |
| </td> |
| </tr> |
| <tr id="i1" class="rowColor"> |
| <td class="colFirst"><code>java.security.Principal</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#getCallerPrincipal--">getCallerPrincipal</a></span>()</code> |
| <div class="block">Retrieve the platform-specific <code>java.security.Principal</code> that represents |
| the name of the authenticated caller, or null if the current caller is not authenticated.</div> |
| </td> |
| </tr> |
| <tr id="i2" class="altColor"> |
| <td class="colFirst"><code>&lt;T extends java.security.Principal&gt;<br>java.util.Set&lt;T&gt;</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#getPrincipalsByType-java.lang.Class-">getPrincipalsByType</a></span>(java.lang.Class&lt;T&gt; pType)</code> |
| <div class="block">Retrieve all Principals of the given type from the authenticated caller's Subject, |
| or an empty set if the current caller is not authenticated, or if the specified type |
| isn't found in the Subject.</div> |
| </td> |
| </tr> |
| <tr id="i3" class="rowColor"> |
| <td class="colFirst"><code>boolean</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#hasAccessToWebResource-java.lang.String-java.lang.String...-">hasAccessToWebResource</a></span>(java.lang.String resource, |
| java.lang.String... methods)</code> |
| <div class="block">Checks whether the caller has access to the provided "web resource" using the given methods, |
| as specified by section 13.8 of the Servlet specification.</div> |
| </td> |
| </tr> |
| <tr id="i4" class="altColor"> |
| <td class="colFirst"><code>boolean</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../javax/security/enterprise/SecurityContext.html#isCallerInRole-java.lang.String-">isCallerInRole</a></span>(java.lang.String role)</code> |
| <div class="block">Checks whether the authenticated caller is included in the specified logical <em>application</em> "role".</div> |
| </td> |
| </tr> |
| </table> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| <div class="details"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ============ METHOD DETAIL ========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.detail"> |
| <!-- --> |
| </a> |
| <h3>Method Detail</h3> |
| <a name="getCallerPrincipal--"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getCallerPrincipal</h4> |
| <pre>java.security.Principal getCallerPrincipal()</pre> |
| <div class="block">Retrieve the platform-specific <code>java.security.Principal</code> that represents |
| the name of the authenticated caller, or null if the current caller is not authenticated.</div> |
| <dl> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>Principal representing the name of the current authenticated user, or null if not authenticated.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="getPrincipalsByType-java.lang.Class-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getPrincipalsByType</h4> |
| <pre>&lt;T extends java.security.Principal&gt; java.util.Set&lt;T&gt; getPrincipalsByType(java.lang.Class&lt;T&gt; pType)</pre> |
| <div class="block">Retrieve all Principals of the given type from the authenticated caller's Subject, |
| or an empty set if the current caller is not authenticated, or if the specified type |
| isn't found in the Subject. |
| <p> |
| This can be used to retrieve application-specific |
| Principals when the platform's representation of the caller uses a different principal type. |
| <p> |
| The returned Set is not backed by the Subject's internal Principal Set. |
| A new Set is created and returned for each method invocation. |
| Modifications to the returned Set will not affect the internal Principal Set.</div> |
| <dl> |
| <dt><span class="paramLabel">Type Parameters:</span></dt> |
| <dd><code>T</code> - The actual type represented by the <code>pType</code> argument</dd> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>pType</code> - Class object representing the type of Principal to return.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>Set of Principals of the given type, or an empty set.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="isCallerInRole-java.lang.String-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>isCallerInRole</h4> |
| <pre>boolean isCallerInRole(java.lang.String role)</pre> |
| <div class="block">Checks whether the authenticated caller is included in the specified logical <em>application</em> "role". |
| If the caller is not authenticated, this always returns <code>false</code>. |
| |
| <p> |
| This method <em>can not</em> be used to test for roles that are mapped to specific named Jakarta Servlets or |
| named Jakarta Enterprise Beans. For a Servlet an example of this would be the <code>role-name</code> nested in a |
| <code>security-role-ref</code> element nested in a <code>servlet</code> element in <code>web.xml</code>. |
| |
| <p> |
| Should code in either such Jakarta Servlet or Jakarta Enterprise Bean wish to take such mapped (aka referenced, linked) |
| roles into account, the facilities for that specific container should be used instead. For instance for Servlet that |
| would be <a href="../../../javax/servlet/http/HttpServletRequest.html#isUserInRole-java.lang.String-"><code>HttpServletRequest.isUserInRole(String)</code></a> and for Jakarta Enterprise Beans that would be |
| <code>SessionContext#isCallerInRole(String)</code>.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>role</code> - a <code>String</code> specifying the name of the logical application role</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd><code>true</code> if the authenticated caller is in the given role, false if the caller is not authenticated or |
| is not in the given role.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="hasAccessToWebResource-java.lang.String-java.lang.String...-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>hasAccessToWebResource</h4> |
| <pre>boolean hasAccessToWebResource(java.lang.String resource, |
| java.lang.String... methods)</pre> |
| <div class="block">Checks whether the caller has access to the provided "web resource" using the given methods, |
| as specified by section 13.8 of the Servlet specification. |
| |
| <p> |
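| A caller has access if the web resource is either not protected (constrained), or when it is protected by a role |
| and the caller is in that role. Because an unprotected resource counts as accessible, a <code>true</code> result |
| does not by itself indicate that the caller is authenticated.</div> |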
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>resource</code> - the name of the web resource to test access for. This is a <code>URLPatternSpec</code> that |
| identifies the application specific web resources to which the permission pertains. For a full specification of this |
| pattern see <code>javax.security.jacc.WebResourcePermission#WebResourcePermission(String, String)</code>.</dd> |
| <dd><code>methods</code> - one or more methods to check for whether the caller has access to the web resource using one of those methods.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd><code>true</code> if the caller has access to the web resource using one of the given methods, <code>false</code> otherwise.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="authenticate-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters-"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>authenticate</h4> |
| <pre><a href="../../../javax/security/enterprise/AuthenticationStatus.html" title="enum in javax.security.enterprise">AuthenticationStatus</a> authenticate(<a href="../../../javax/servlet/http/HttpServletRequest.html" title="interface in javax.servlet.http">HttpServletRequest</a> request, |
| <a href="../../../javax/servlet/http/HttpServletResponse.html" title="interface in javax.servlet.http">HttpServletResponse</a> response, |
| <a href="../../../javax/security/enterprise/authentication/mechanism/http/AuthenticationParameters.html" title="class in javax.security.enterprise.authentication.mechanism.http">AuthenticationParameters</a> parameters)</pre> |
| <div class="block">Signal to the container (programmatically trigger) that it should start or continue a web/HTTP based authentication dialog with |
| the caller. |
| |
| <p> |
| Programmatically triggering means that the container responds as if the caller had attempted to access a constrained resource |
| and acts by invoking a configured authentication mechanism (such as the <a href="../../../javax/security/enterprise/authentication/mechanism/http/HttpAuthenticationMechanism.html" title="interface in javax.security.enterprise.authentication.mechanism.http"><code>HttpAuthenticationMechanism</code></a>). |
| |
| <p> |
| Whether the authentication dialog is to be started or continued depends on the (logical) state of the authentication dialog. If |
| such dialog is currently in progress, a call to this method will continue it. If such dialog is not in progress a new one will be |
| started. A new dialog can be forced to be started regardless of one being in progress or not by providing a value of |
| <code>true</code> for the <a href="../../../javax/security/enterprise/authentication/mechanism/http/AuthenticationParameters.html#newAuthentication"><code>AuthenticationParameters.newAuthentication</code></a> parameter with this call. |
| |
| <p> |
| This method requires an <a href="../../../javax/servlet/http/HttpServletRequest.html" title="interface in javax.servlet.http"><code>HttpServletRequest</code></a> and <a href="../../../javax/servlet/http/HttpServletResponse.html" title="interface in javax.servlet.http"><code>HttpServletResponse</code></a> argument to be passed in, and |
| can therefore only be used in a valid Servlet context.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>request</code> - The <code>HttpServletRequest</code> associated with the current web resource invocation.</dd> |
| <dd><code>response</code> - The <code>HttpServletResponse</code> associated with the given <code>HttpServletRequest</code>.</dd> |
| <dd><code>parameters</code> - The parameters that are provided along with a programmatic authentication request, for instance the credentials |
| collected by the application for continuing an authentication dialog.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>The state of the authentication mechanism after being triggered by this call</dd> |
| </dl> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <!-- ========= END OF CLASS DATA ========= --> |
| </body> |
| </html> |