com.ibm.wsspi.security.context

Interface Context

  • All Superinterfaces:
    java.io.Serializable

    public interface Context
extends java.io.Serializable
    An abstraction of the security context obtained from the thread of execution.

    The security context consists of the "RunAs" and "Caller" Subjects, including any credentials, authentication, authorization, and propagastion tokens.

    The security context is retrieved from the running thread when instances of this interface are newly created by the factory method com.ibm.wsspi.security.context.ContextManager.getContext(). Instances of this interface may be saved to persistent storage and later restored for use by an application.

    Version:
    Base Enablement iFix for v6.1
    See Also:
    ContextManager.getContext()

    • Method Summary

      Methods 
      Modifier and Type Method and Description
      javax.security.auth.Subject getCallerSubject()
      Returns the current Caller Subject stored in this Context.
      Domain getDomain()
      Returns the current domain stored in this Context.
      java.util.Map getPropagationTokens()
      Returns the current Map of PropagationTokens stored in this Context.
      javax.security.auth.Subject getRunAsSubject()
      Returns the current RunAs Subject stored in this Context.
      void restoreContext()
      The security context saved by the setContext() operation is restored and set on the current thread of execution.
      java.lang.Object runWith(java.security.PrivilegedExceptionAction action)
      Run the given action using this security context.
      java.lang.Object runWithDomain(java.security.PrivilegedExceptionAction action)
      Run the given action using the security domain in this context.
      void setCallerSubject(javax.security.auth.Subject caller)
      Replaces the Caller Subject stored in this Context with the given Subject.
      void setContext()
      Set this security context on the current thread of execution.
      void setDomain(Domain domain)
      Replaces the domain stored in this Context with the given domain.
      void setPropagationTokens(java.util.Map tokens)
      Replaces the Map of PropagationTokens stored in this Context with the given Map.
      void setRunAsSubject(javax.security.auth.Subject runAs)
      Replaces the RunAs Subject stored in this Context with the given Subject.

    • Method Detail

      • setContext

        void setContext()
                throws com.ibm.websphere.security.WSSecurityException
        Set this security context on the current thread of execution.

        Prior to setting this context on the thread of execution, the current security context on the thread is saved and is restored on the thread by the restoreContext() operation.

        "setSecurityContext" permission is required in order to perform this operation.

        Throws:
        com.ibm.websphere.security.WSSecurityException - if any errors are encountered.

      • restoreContext

        void restoreContext()
                    throws com.ibm.websphere.security.WSSecurityException
        The security context saved by the setContext() operation is restored and set on the current thread of execution.

        "restoreSecurityContext" permission is required in order to perform this operation.

        Throws:
        com.ibm.websphere.security.WSSecurityException - if any errors are encountered.

      • runWith

        java.lang.Object runWith(java.security.PrivilegedExceptionAction action)
                         throws com.ibm.websphere.security.WSSecurityException
        Run the given action using this security context. The security domain and the subjects will be pushed on the thread before running the action. The thread state will be restored, i.e the domain and subjects will be popped after the action runs.
        Parameters:
        action - the action to be performed using this security context
        Returns:
        the value returned by the action's run operation.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if any errors are encountered.

      • runWithDomain

        java.lang.Object runWithDomain(java.security.PrivilegedExceptionAction action)
                               throws com.ibm.websphere.security.WSSecurityException
        Run the given action using the security domain in this context. The domain will be pushed on the thread, but the subjects will not, before running the action. The thread state will be restored, i.e the domain will be popped, after the action runs.
        Parameters:
        action - the action to be performed using this security context
        Returns:
        the value returned by the action's run operation.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if any errors are encountered.

      • setCallerSubject

        void setCallerSubject(javax.security.auth.Subject caller)
                      throws com.ibm.websphere.security.WSSecurityException
        Replaces the Caller Subject stored in this Context with the given Subject. This operation does not modify the Caller Subject in thread local storage (TLS). The given Subject becomes the current Caller Subject stored in this Context and the previous value of the Caller Subject is lost and discarded.
        Parameters:
        caller - the Caller Subject to replace the current Caller Subject in this Context.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if an error occurs

      • getCallerSubject

        javax.security.auth.Subject getCallerSubject()
                                             throws com.ibm.websphere.security.WSSecurityException
        Returns the current Caller Subject stored in this Context. The Caller Subject returned is not retrieved from thread local storage (TLS). The initial value of the Caller Subject is obtained from TLS at the time this Context is created and may have subsequently been modified with the setCallerSubject() operation.
        Returns:
        the current Caller Subject in this Context.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if an error occurs

      • setRunAsSubject

        void setRunAsSubject(javax.security.auth.Subject runAs)
                     throws com.ibm.websphere.security.WSSecurityException
        Replaces the RunAs Subject stored in this Context with the given Subject. This operation does not modify the RunAs Subject (aka Invocation Subject) in thread local storage (TLS). The given Subject becomes the current RunAs Subject stored in this Context and the previous value of the RunAs Subject is lost and discarded.
        Parameters:
        runAs - the RunAs Subject to replace the current RunAs Subject in this Context.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if an error occurs

      • getRunAsSubject

        javax.security.auth.Subject getRunAsSubject()
                                            throws com.ibm.websphere.security.WSSecurityException
        Returns the current RunAs Subject stored in this Context. The RunAs Subject returned is not retrieved from thread local storage (TLS). The initial value of the RunAs Subject is obtained from TLS at the time this Context is created and may have subsequently been modified with the setRunAsSubject() operation.
        Returns:
        the current RunAs Subject in this Context.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if an error occurs

      • getPropagationTokens

        java.util.Map getPropagationTokens()
                                   throws com.ibm.websphere.security.WSSecurityException
        Returns the current Map of PropagationTokens stored in this Context. The PropagationTokens in the Map are not retrieved from thread local storage (TLS). The Map of PropagationTokens is initially obtained from TLS at the time this Context is created and may have subsequently been modified with the setPropagationTokens() operation.
        Returns:
        the Map of PropagationTokens stored in this Context.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if an error occurs

      • setPropagationTokens

        void setPropagationTokens(java.util.Map tokens)
                          throws com.ibm.websphere.security.WSSecurityException
        Replaces the Map of PropagationTokens stored in this Context with the given Map. This operation does not modify the Map of PropagationTokens in thread local storage (TLS). The given Map becomes the current Map of PropagationTokens stored in this Context and the previous Map is lost and discarded.
        Parameters:
        tokens - the Map of PropagationTokens to replace the current Map in this Context.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if an error occurs

      • getDomain

        Domain getDomain()
                 throws com.ibm.websphere.security.WSSecurityException
        Returns the current domain stored in this Context. The domain is not retrieved from thread local storage (TLS), it is initially obtained from TLS at the time this Context is created and may have subsequently been modified with the setDomain() operation.
        Returns:
        the domain stored in this Context.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if an error occurs

      • setDomain

        void setDomain(Domain domain)
               throws com.ibm.websphere.security.WSSecurityException
        Replaces the domain stored in this Context with the given domain. This operation does not modify the domain in thread local storage (TLS). The given domain becomes the current domain stored in this Context and the previous domain is lost and discarded.
        Parameters:
        domain - the Domain to replace the current Domain in this Context.
        Throws:
        com.ibm.websphere.security.WSSecurityException - if an error occurs
IBM WebSphere Application ServerTM
Release 8.5
  • Summary: 
  • Nested | 
  • Field | 
  • Constr | 
  • Method
  • Detail: 
  • Field | 
  • Constr | 
  • Method