com.ibm.wsspi.security.context
Interface Context
All Superinterfaces:
java.io.Serializable
- public interface Context
- extends java.io.Serializable
The security context consists of the "RunAs" and "Caller" Subjects, including any credentials, authentication, authorization, and propagastion tokens.
The security context is retrieved from the running thread when instances of this interface are
newly created by the factory method com.ibm.wsspi.security.context.ContextManager.getContext().
Instances of this interface may be saved to persistent storage and later restored for use by an application.
Version:
Base Enablement iFix for v6.1
See Also:
Method Summary
Modifier and Type | Method and Description |
---|---|
|
getCallerSubject()
Returns the current Caller Subject stored in this
Context .
|
getDomain()
Returns the current domain stored in this
Context .
|
|
|
getPropagationTokens()
Returns the current Map of PropagationTokens stored in this
Context .
|
|
getRunAsSubject()
Returns the current RunAs Subject stored in this
Context .
|
|
restoreContext()
The security context saved by the
setContext() operation is restored
and set on the current thread of execution.
|
|
runWith(java.security.PrivilegedExceptionAction action)
Run the given
action using this security context.
|
|
runWithDomain(java.security.PrivilegedExceptionAction action)
Run the given
action using the security domain in this context.
|
|
setCallerSubject(javax.security.auth.Subject caller)
Replaces the Caller Subject stored in this
Context with the given Subject.
|
|
setContext()
Set this security context on the current thread of execution.
|
|
setDomain(Domain domain)
Replaces the domain stored in this
Context with the given domain.
|
|
setPropagationTokens(java.util.Map tokens)
Replaces the Map of PropagationTokens stored in this
Context with the given Map.
|
|
setRunAsSubject(javax.security.auth.Subject runAs)
Replaces the RunAs Subject stored in this
Context with the given Subject.
|
Method Detail
setContext
- void setContext()
- throws com.ibm.websphere.security.WSSecurityException
Throws:
com.ibm.websphere.security.WSSecurityException
- if any errors are encountered. restoreContext
- void restoreContext()
- throws com.ibm.websphere.security.WSSecurityException
The security context saved by the
setContext()
operation is restored
and set on the current thread of execution.
"restoreSecurityContext" permission is required in order to perform this operation.
Throws:
com.ibm.websphere.security.WSSecurityException
- if any errors are encountered. runWith
- java.lang.Object runWith(java.security.PrivilegedExceptionAction action)
- throws com.ibm.websphere.security.WSSecurityException
Run the given
action
using this security context. The security
domain and the subjects will be pushed on the thread before running the action.
The thread state will be restored, i.e the domain and subjects will be
popped after the action runs.
Parameters:
action
- the action to be performed using this security context Returns:
the value returned by the
action
's run operation. Throws:
com.ibm.websphere.security.WSSecurityException
- if any errors are encountered. runWithDomain
- java.lang.Object runWithDomain( java.security.PrivilegedExceptionAction action)
- throws com.ibm.websphere.security.WSSecurityException
Run the given
action
using the security domain in this context. The domain
will be pushed on the thread, but the subjects will not, before running the action.
The thread state will be restored, i.e the domain will be popped, after the action runs.
Parameters:
action
- the action to be performed using this security context Returns:
the value returned by the
action
's run operation. Throws:
com.ibm.websphere.security.WSSecurityException
- if any errors are encountered. setCallerSubject
- void setCallerSubject(javax.security.auth.Subject caller)
- throws com.ibm.websphere.security.WSSecurityException
Replaces the Caller Subject stored in this
Context
with the given Subject.
This operation does not modify the Caller Subject in thread local storage (TLS).
The given Subject becomes the current Caller Subject stored in this Context
and the
previous value of the Caller Subject is lost and discarded.
Parameters:
caller
- the Caller Subject to replace the current Caller Subject in this Context
. Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs getCallerSubject
- javax.security.auth.Subject getCallerSubject( )
- throws com.ibm.websphere.security.WSSecurityException
Returns the current Caller Subject stored in this
Context
.
The Caller Subject returned is not retrieved from thread local storage (TLS).
The initial value of the Caller Subject is obtained from TLS at the time this Context
is created and may have subsequently been modified with the setCallerSubject()
operation.
Returns:
the current Caller Subject in this
Context
. Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs setRunAsSubject
- void setRunAsSubject(javax.security.auth.Subject runAs)
- throws com.ibm.websphere.security.WSSecurityException
Replaces the RunAs Subject stored in this
Context
with the given Subject.
This operation does not modify the RunAs Subject (aka Invocation Subject) in thread local storage (TLS).
The given Subject becomes the current RunAs Subject stored in this Context
and the
previous value of the RunAs Subject is lost and discarded.
Parameters:
runAs
- the RunAs Subject to replace the current RunAs Subject in this Context
. Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs getRunAsSubject
- javax.security.auth.Subject getRunAsSubject( )
- throws com.ibm.websphere.security.WSSecurityException
Returns the current RunAs Subject stored in this
Context
.
The RunAs Subject returned is not retrieved from thread local storage (TLS).
The initial value of the RunAs Subject is obtained from TLS at the time this Context
is created and may have subsequently been modified with the setRunAsSubject()
operation.
Returns:
the current RunAs Subject in this
Context
. Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs getPropagationTokens
- java.util.Map getPropagationTokens( )
- throws com.ibm.websphere.security.WSSecurityException
Returns the current Map of PropagationTokens stored in this
Context
.
The PropagationTokens in the Map are not retrieved from thread local storage (TLS).
The Map of PropagationTokens is initially obtained from TLS at the time this Context
is created and may have subsequently been modified with the setPropagationTokens()
operation.
Returns:
the Map of PropagationTokens stored in this
Context
. Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs setPropagationTokens
- void setPropagationTokens(java.util.Map tokens)
- throws com.ibm.websphere.security.WSSecurityException
Replaces the Map of PropagationTokens stored in this
Context
with the given Map.
This operation does not modify the Map of PropagationTokens in thread local storage (TLS).
The given Map becomes the current Map of PropagationTokens stored in this Context
and the
previous Map is lost and discarded.
Parameters:
tokens
- the Map of PropagationTokens to replace the current Map in this Context
. Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs getDomain
- Domain getDomain()
- throws com.ibm.websphere.security.WSSecurityException
Returns the current domain stored in this
Context
.
The domain is not retrieved from thread local storage (TLS), it
is initially obtained from TLS at the time this Context
is created and may have subsequently been modified with the setDomain()
operation.
Returns:
the domain stored in this
Context
. Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs setDomain
- void setDomain(Domain domain)
- throws com.ibm.websphere.security.WSSecurityException
Replaces the domain stored in this
Context
with the given domain.
This operation does not modify the domain in thread local storage (TLS).
The given domain becomes the current domain stored in this Context
and the
previous domain is lost and discarded.
Parameters:
domain
- the Domain to replace the current Domain in this Context
. Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
Prior to setting this context on the thread of execution, the current security context on the thread is saved and is restored on the thread by the
restoreContext()
operation."setSecurityContext" permission is required in order to perform this operation.