Package org.jboss.security.plugins
Class NullSecurityManager
- java.lang.Object
-
- org.jboss.security.plugins.NullSecurityManager
-
- All Implemented Interfaces:
Serializable
,AuthenticationManager
,BaseSecurityManager
,RealmMapping
,SubjectSecurityManager
public class NullSecurityManager extends Object implements SubjectSecurityManager, RealmMapping, Serializable
An implementation of SubjectSecurityManager, RealmMapping that authenticates everyone and for which Principals have any role requested. It can be used as a pass-through security manager when you want noop security.- Version:
- $Revision$
- Author:
- Scott.Stark@jboss.org
- See Also:
isValid(Principal, Object, Subject)
,getPrincipal(Principal)
,doesUserHaveRole(Principal, Set)
, Serialized Form
-
-
Constructor Summary
Constructors Constructor Description NullSecurityManager(String securityDomain)
Creates a default JaasSecurityManager for with the given securityDomain name.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
doesUserHaveRole(Principal principal, Set<Principal> roleNames)
Does the current Subject have a role(a Principal) that equates to one of the role names.Subject
getActiveSubject()
Get the currently authenticated Subject.Principal
getPrincipal(Principal principal)
Always returns the argument principal.String
getSecurityDomain()
Get the name of the security domain associated with this security mgr.Principal
getTargetPrincipal(Principal anotherDomainPrincipal, Map<String,Object> contextMap)
Trust related usecases may require translation of a principal from another domain to the current domain An implementation of this interface may need to do a backdoor contact of the external trust provider in deriving the target principalSet<Principal>
getUserRoles(Principal principal)
Return the set of domain roles the principal has been assigned.boolean
isValid(Principal principal, Object credential)
Validate that the given credential is correct for principal.boolean
isValid(Principal principal, Object credential, Subject activeSubject)
Validate that the given credential is correct for principal.boolean
isValid(javax.security.auth.message.MessageInfo requestMessage, Subject clientSubject, String layer)
boolean
isValid(javax.security.auth.message.MessageInfo requestMessage, Subject clientSubject, String layer, CallbackHandler handler)
void
logout(Principal principal, Subject subject)
No-op implementation.
-
-
-
Constructor Detail
-
NullSecurityManager
public NullSecurityManager(String securityDomain)
Creates a default JaasSecurityManager for with the given securityDomain name.
-
-
Method Detail
-
getSecurityDomain
public String getSecurityDomain()
Get the name of the security domain associated with this security mgr.- Specified by:
getSecurityDomain
in interfaceBaseSecurityManager
- Returns:
- Name of the security manager security domain.
-
getActiveSubject
public Subject getActiveSubject()
Get the currently authenticated Subject.- Specified by:
getActiveSubject
in interfaceAuthenticationManager
- Returns:
- Always returns null.
- See Also:
PolicyContextHandler.getContext(String, Object)
-
isValid
public boolean isValid(Principal principal, Object credential)
Validate that the given credential is correct for principal.- Specified by:
isValid
in interfaceAuthenticationManager
- Parameters:
principal
- - the user identity in the operation environmentcredential
- - the proof of user identity as known in the operation environment- Returns:
- always returns true.
- See Also:
AuthenticationManager.isValid(Principal, Object, Subject)
-
isValid
public boolean isValid(Principal principal, Object credential, Subject activeSubject)
Validate that the given credential is correct for principal. This does not populate the activeSubject with any state since no authentication is performed.- Specified by:
isValid
in interfaceAuthenticationManager
- Parameters:
principal
- - the user identity in the operation environmentcredential
- - the proof of user identity as known in the operation environmentactiveSubject
- - the Subject which should be populated with the validated Subject contents. A JAAS based implementation would typically populate the activeSubject with the LoginContext.login result.- Returns:
- always returns true.
-
isValid
public boolean isValid(javax.security.auth.message.MessageInfo requestMessage, Subject clientSubject, String layer)
-
isValid
public boolean isValid(javax.security.auth.message.MessageInfo requestMessage, Subject clientSubject, String layer, CallbackHandler handler)
-
getTargetPrincipal
public Principal getTargetPrincipal(Principal anotherDomainPrincipal, Map<String,Object> contextMap)
Description copied from interface:AuthenticationManager
Trust related usecases may require translation of a principal from another domain to the current domain An implementation of this interface may need to do a backdoor contact of the external trust provider in deriving the target principal- Specified by:
getTargetPrincipal
in interfaceAuthenticationManager
- Parameters:
anotherDomainPrincipal
- Principal that is applicable in the other domain (Can be null - in which case the contextMap is used solely to derive the target principal)contextMap
- Any context information (including information on the other domain that may be relevant in deriving the target principal). Any SAML assertions that may be relevant can be passed here.- Returns:
- principal from a target security domain
- See Also:
AuthenticationManager.getTargetPrincipal(Principal,Map)
-
getPrincipal
public Principal getPrincipal(Principal principal)
Always returns the argument principal.- Specified by:
getPrincipal
in interfaceRealmMapping
- Parameters:
principal
- the caller principal as known in the operation environment.- Returns:
- The argument principal
-
doesUserHaveRole
public boolean doesUserHaveRole(Principal principal, Set<Principal> roleNames)
Does the current Subject have a role(a Principal) that equates to one of the role names. This method always returns true.- Specified by:
doesUserHaveRole
in interfaceRealmMapping
- Parameters:
principal
- - ignored.roleNames
- - ignored.- Returns:
- Always returns true.
-
getUserRoles
public Set<Principal> getUserRoles(Principal principal)
Return the set of domain roles the principal has been assigned.- Specified by:
getUserRoles
in interfaceRealmMapping
- Returns:
- The Set
with the AnybodyPrincipal as the sole role.
-
logout
public void logout(Principal principal, Subject subject)
No-op implementation.- Specified by:
logout
in interfaceAuthenticationManager
- Parameters:
principal
- thePrincipal
being logged out.subject
- theSubject
associated with the principal being logged out.
-
-