Interface Context
-
- All Superinterfaces:
- java.io.Serializable
public interface Context extends java.io.Serializable
An abstraction of the security context obtained from the thread of execution.The security context consists of the "RunAs" and "Caller" Subjects, including any credentials, authentication, authorization, and propagastion tokens.
The security context is retrieved from the running thread when instances of this interface are newly created by the factory method
com.ibm.wsspi.security.context.ContextManager.getContext().
Instances of this interface may be saved to persistent storage and later restored for use by an application.- Version:
- Base Enablement iFix for v6.1
- See Also:
ContextManager.getContext()
-
-
Method Summary
Methods Modifier and Type Method and Description javax.security.auth.Subject
getCallerSubject()
Returns the current Caller Subject stored in thisContext
.Domain
getDomain()
Returns the current domain stored in thisContext
.java.util.Map
getPropagationTokens()
Returns the current Map of PropagationTokens stored in thisContext
.javax.security.auth.Subject
getRunAsSubject()
Returns the current RunAs Subject stored in thisContext
.void
restoreContext()
The security context saved by thesetContext()
operation is restored and set on the current thread of execution.java.lang.Object
runWith(java.security.PrivilegedExceptionAction action)
Run the givenaction
using this security context.java.lang.Object
runWithDomain(java.security.PrivilegedExceptionAction action)
Run the givenaction
using the security domain in this context.void
setCallerSubject(javax.security.auth.Subject caller)
Replaces the Caller Subject stored in thisContext
with the given Subject.void
setContext()
Set this security context on the current thread of execution.void
setDomain(Domain domain)
Replaces the domain stored in thisContext
with the given domain.void
setPropagationTokens(java.util.Map tokens)
Replaces the Map of PropagationTokens stored in thisContext
with the given Map.void
setRunAsSubject(javax.security.auth.Subject runAs)
Replaces the RunAs Subject stored in thisContext
with the given Subject.
-
-
-
Method Detail
-
setContext
void setContext() throws com.ibm.websphere.security.WSSecurityException
Set this security context on the current thread of execution.Prior to setting this context on the thread of execution, the current security context on the thread is saved and is restored on the thread by the
restoreContext()
operation."setSecurityContext" permission is required in order to perform this operation.
- Throws:
com.ibm.websphere.security.WSSecurityException
- if any errors are encountered.
-
restoreContext
void restoreContext() throws com.ibm.websphere.security.WSSecurityException
The security context saved by thesetContext()
operation is restored and set on the current thread of execution."restoreSecurityContext" permission is required in order to perform this operation.
- Throws:
com.ibm.websphere.security.WSSecurityException
- if any errors are encountered.
-
runWith
java.lang.Object runWith(java.security.PrivilegedExceptionAction action) throws com.ibm.websphere.security.WSSecurityException
Run the givenaction
using this security context. The security domain and the subjects will be pushed on the thread before running the action. The thread state will be restored, i.e the domain and subjects will be popped after the action runs.- Parameters:
action
- the action to be performed using this security context- Returns:
- the value returned by the
action
's run operation. - Throws:
com.ibm.websphere.security.WSSecurityException
- if any errors are encountered.
-
runWithDomain
java.lang.Object runWithDomain(java.security.PrivilegedExceptionAction action) throws com.ibm.websphere.security.WSSecurityException
Run the givenaction
using the security domain in this context. The domain will be pushed on the thread, but the subjects will not, before running the action. The thread state will be restored, i.e the domain will be popped, after the action runs.- Parameters:
action
- the action to be performed using this security context- Returns:
- the value returned by the
action
's run operation. - Throws:
com.ibm.websphere.security.WSSecurityException
- if any errors are encountered.
-
setCallerSubject
void setCallerSubject(javax.security.auth.Subject caller) throws com.ibm.websphere.security.WSSecurityException
Replaces the Caller Subject stored in thisContext
with the given Subject. This operation does not modify the Caller Subject in thread local storage (TLS). The given Subject becomes the current Caller Subject stored in thisContext
and the previous value of the Caller Subject is lost and discarded.- Parameters:
caller
- the Caller Subject to replace the current Caller Subject in thisContext
.- Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
-
getCallerSubject
javax.security.auth.Subject getCallerSubject() throws com.ibm.websphere.security.WSSecurityException
Returns the current Caller Subject stored in thisContext
. The Caller Subject returned is not retrieved from thread local storage (TLS). The initial value of the Caller Subject is obtained from TLS at the time thisContext
is created and may have subsequently been modified with thesetCallerSubject()
operation.- Returns:
- the current Caller Subject in this
Context
. - Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
-
setRunAsSubject
void setRunAsSubject(javax.security.auth.Subject runAs) throws com.ibm.websphere.security.WSSecurityException
Replaces the RunAs Subject stored in thisContext
with the given Subject. This operation does not modify the RunAs Subject (aka Invocation Subject) in thread local storage (TLS). The given Subject becomes the current RunAs Subject stored in thisContext
and the previous value of the RunAs Subject is lost and discarded.- Parameters:
runAs
- the RunAs Subject to replace the current RunAs Subject in thisContext
.- Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
-
getRunAsSubject
javax.security.auth.Subject getRunAsSubject() throws com.ibm.websphere.security.WSSecurityException
Returns the current RunAs Subject stored in thisContext
. The RunAs Subject returned is not retrieved from thread local storage (TLS). The initial value of the RunAs Subject is obtained from TLS at the time thisContext
is created and may have subsequently been modified with thesetRunAsSubject()
operation.- Returns:
- the current RunAs Subject in this
Context
. - Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
-
getPropagationTokens
java.util.Map getPropagationTokens() throws com.ibm.websphere.security.WSSecurityException
Returns the current Map of PropagationTokens stored in thisContext
. The PropagationTokens in the Map are not retrieved from thread local storage (TLS). The Map of PropagationTokens is initially obtained from TLS at the time thisContext
is created and may have subsequently been modified with thesetPropagationTokens()
operation.- Returns:
- the Map of PropagationTokens stored in this
Context
. - Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
-
setPropagationTokens
void setPropagationTokens(java.util.Map tokens) throws com.ibm.websphere.security.WSSecurityException
Replaces the Map of PropagationTokens stored in thisContext
with the given Map. This operation does not modify the Map of PropagationTokens in thread local storage (TLS). The given Map becomes the current Map of PropagationTokens stored in thisContext
and the previous Map is lost and discarded.- Parameters:
tokens
- the Map of PropagationTokens to replace the current Map in thisContext
.- Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
-
getDomain
Domain getDomain() throws com.ibm.websphere.security.WSSecurityException
Returns the current domain stored in thisContext
. The domain is not retrieved from thread local storage (TLS), it is initially obtained from TLS at the time thisContext
is created and may have subsequently been modified with thesetDomain()
operation.- Returns:
- the domain stored in this
Context
. - Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
-
setDomain
void setDomain(Domain domain) throws com.ibm.websphere.security.WSSecurityException
Replaces the domain stored in thisContext
with the given domain. This operation does not modify the domain in thread local storage (TLS). The given domain becomes the current domain stored in thisContext
and the previous domain is lost and discarded.- Parameters:
domain
- the Domain to replace the current Domain in thisContext
.- Throws:
com.ibm.websphere.security.WSSecurityException
- if an error occurs
-
-