JSecurity
public interface SecurityManager
A SecurityManager executes all security operations for all Subjects (aka users) across a single application.
The interface itself exists primarily as a convenience: it extends the Authenticator,
Authorizer, and SessionFactory interfaces, thereby consolidating
these behaviors into a single point of reference. For most JSecurity usages, this simplifies configuration and
tends to be more convenient than referencing Authenticator, Authorizer, and
SessionFactory instances separately; instead one only needs to interact with a
single SecurityManager instance.
In addition to the methods inherited from the above three interfaces, this interface declares three methods of its own:
login(org.jsecurity.authc.AuthenticationToken), logout(org.jsecurity.subject.PrincipalCollection) and getSubject(). A Subject executes
authentication, authorization, and session operations for a single user, and as such can only be
managed by a SecurityManager, which is aware of all three functions. The three parent interfaces, on the
other hand, do not 'know' about Subjects, which ensures a clean separation of concerns.
Usage Note: In practice, the large majority of application programmers won't interact with a SecurityManager very often, if at all. Most application programmers only care about security operations for the currently executing user.
In that case, the application programmer can call the
getSubject() method and then use the returned instance for continued interaction with
JSecurity. If your application code does not have a direct handle to the application's
SecurityManager, you can use SecurityUtils anywhere in your code
to achieve the same result.
Framework developers, on the other hand, might find working with an actual SecurityManager useful.
See Also: DefaultSecurityManager

Method Summary

| Return type | Method | Description |
|---|---|---|
| Subject | getSubject() | Returns the Subject instance representing the currently executing user. |
| Subject | login(AuthenticationToken authenticationToken) | Logs in a user, returning a Subject instance if the authentication is successful or throwing an AuthenticationException if it is not. |
| void | logout(PrincipalCollection subjectIdentifier) | Logs out the specified Subject from the system. |

| Methods inherited from interface org.jsecurity.authc.Authenticator |
|---|
| authenticate |

| Methods inherited from interface org.jsecurity.authz.Authorizer |
|---|
| checkPermission, checkPermission, checkPermissions, checkPermissions, checkRole, checkRoles, hasAllRoles, hasRole, hasRoles, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll |

| Methods inherited from interface org.jsecurity.session.SessionFactory |
|---|
| getSession, start |

| Method Detail |
|---|

Subject login(AuthenticationToken authenticationToken)
throws AuthenticationException

Logs in a user, returning a Subject instance if the authentication is successful or throwing an
AuthenticationException if it is not.
Note that using this method is an alternative to calling Subject.login(authenticationToken).
However, most application developers find calling subject.login(token) more convenient than calling
this method on the SecurityManager directly.

Parameters:
authenticationToken - the token representing the Subject's principal(s) and credential(s)
Throws:
AuthenticationException - if the login attempt failed.

void logout(PrincipalCollection subjectIdentifier)

Logs out the specified Subject from the system.
Note that most application developers should not call this method unless they have a good reason for doing
so. The preferred way to log out a Subject is to call Subject.logout(), not
the SecurityManager directly.

Parameters:
subjectIdentifier - the identifier of the subject/user to log out.

Subject getSubject()

Returns the Subject instance representing the currently executing user.
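
The flow recommended in the usage note and in the login and logout details above, as an added example that is not code from the JSecurity project: application code authenticates, authorizes and logs out through the current Subject instead of calling the SecurityManager. GuardedTask and runAs are hypothetical names; the org.jsecurity.SecurityUtils package, the UsernamePasswordToken(String, char[]) constructor and Subject.hasRole(String) are assumed from the JSecurity API and do not appear on this page, and a SecurityManager is assumed to be configured at application startup.

```java
import java.util.Arrays;

import org.jsecurity.SecurityUtils;
import org.jsecurity.authc.AuthenticationException;
import org.jsecurity.authc.UsernamePasswordToken;
import org.jsecurity.subject.Subject;

// Added example, not JSecurity project code. GuardedTask is hypothetical.
public final class GuardedTask {

    private GuardedTask() {
    }

    /**
     * Logs the caller in through the current Subject, runs the action only
     * if the Subject holds requiredRole, and always logs out afterwards.
     * Returns true only when the action was run.
     */
    public static boolean runAs(String username, char[] password,
                                String requiredRole, Runnable action) {
        // Assumption: a SecurityManager was configured at startup, so
        // SecurityUtils can resolve the Subject for the calling code.
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(new UsernamePasswordToken(username, password));
        } catch (AuthenticationException e) {
            // One generic outcome: do not reveal whether the account is
            // unknown or the credential was wrong.
            return false;
        } finally {
            // Zero the password array once the attempt is over, on every path.
            Arrays.fill(password, '\0');
        }
        try {
            if (!subject.hasRole(requiredRole)) {
                return false; // authenticated but not authorized
            }
            action.run();
            return true;
        } finally {
            // Preferred logout path: Subject.logout(), not the SecurityManager.
            subject.logout();
        }
    }
}
```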