org.jboss.jms.server
Interface SecurityStore
- All Known Implementing Classes:
- SecurityMetadataStore
public interface SecurityStore
- Version:
- $Revision: 3118 $
$Id: SecurityStore.java 3118 2007-09-19 12:52:41Z timfox $
- Author:
- Ovidiu Feodorov
Method Summary |
javax.security.auth.Subject |
authenticate(java.lang.String user,
java.lang.String password)
Authenticate the specified user with the given password. |
boolean |
authorize(java.lang.String user,
java.util.Set rolePrincipals,
CheckType checkType)
Authorize that the subject has at least one of the specified roles. |
void |
clearSecurityConfig(boolean isQueue,
java.lang.String name)
|
SecurityMetadata |
getSecurityMetadata(boolean isQueue,
java.lang.String destName)
|
void |
setSecurityConfig(boolean isQueue,
java.lang.String destName,
org.w3c.dom.Element conf)
|
getSecurityMetadata
SecurityMetadata getSecurityMetadata(boolean isQueue,
java.lang.String destName)
- Returns:
- the security meta-data for the given destination.
setSecurityConfig
void setSecurityConfig(boolean isQueue,
java.lang.String destName,
org.w3c.dom.Element conf)
throws java.lang.Exception
- Throws:
java.lang.Exception
clearSecurityConfig
void clearSecurityConfig(boolean isQueue,
java.lang.String name)
throws java.lang.Exception
- Throws:
java.lang.Exception
authenticate
javax.security.auth.Subject authenticate(java.lang.String user,
java.lang.String password)
throws JMSSecurityException
- Authenticate the specified user with the given password. Implementations are most likely to
delegates to a JBoss AuthenticationManager.
Successful autentication will place a new SubjectContext on thread local, which will be used
in the authorization process. However, we need to make sure we clean up thread local
immediately after we used the information, otherwise some other people security my be screwed
up, on account of thread local security stack being corrupted.
- Throws:
JMSSecurityException
- if the user is not authenticated
authorize
boolean authorize(java.lang.String user,
java.util.Set rolePrincipals,
CheckType checkType)
- Authorize that the subject has at least one of the specified roles. Implementations are most
likely to delegates to a JBoss AuthenticationManager.
- Parameters:
rolePrincipals
- - The set of roles allowed to read/write/create the destination.
- Returns:
- true if the subject is authorized, or false if not.
Copyright © 2006 JBoss Inc. All Rights Reserved.