org.wildfly.security.auth.callback

Class CachedIdentityAuthorizeCallback

java.lang.Object

org.wildfly.security.auth.callback.CachedIdentityAuthorizeCallback

All Implemented Interfaces:

Callback, ExtendedCallback

public class CachedIdentityAuthorizeCallback
extends Object
implements ExtendedCallback

A callback that is capable of perform authorization based on the identities managed by an IdentityCache.

This callback can be used in two ways:

• As an alternative to AuthorizeCallback. As a result, the identity (if successfully authorized) will be cached
• To perform a lookup in the cache and authorize the cached identity locally

Author:

Pedro Igor

Constructor Summary

Constructors

Constructor and Description
CachedIdentityAuthorizeCallback(Function<SecurityDomain,org.wildfly.security.cache.IdentityCache> identityCache, boolean localCache) Creates a new instance in order to authorize identities managed by the given identityCache.
CachedIdentityAuthorizeCallback(org.wildfly.security.cache.IdentityCache identityCache) Creates a new instance in order to authorize identities managed by the given identityCache.
CachedIdentityAuthorizeCallback(org.wildfly.security.cache.IdentityCache identityCache, boolean localCache) Creates a new instance in order to authorize identities managed by the given identityCache.
CachedIdentityAuthorizeCallback(Principal principal, Function<SecurityDomain,org.wildfly.security.cache.IdentityCache> identityCache, boolean localCache) Creates a new instance to authenticate, authorize and cache the identity associated with the given principal.
CachedIdentityAuthorizeCallback(Principal principal, org.wildfly.security.cache.IdentityCache identityCache) Creates a new instance to authenticate, authorize and cache the identity associated with the given principal.
CachedIdentityAuthorizeCallback(Principal principal, org.wildfly.security.cache.IdentityCache identityCache, boolean localCache) Creates a new instance to authenticate, authorize and cache the identity associated with the given principal.
CachedIdentityAuthorizeCallback(String name, org.wildfly.security.cache.IdentityCache identityCache) Creates a new instance to authenticate, authorize and cache the identity associated with the given name.

Method Summary

Modifier and Type	Method and Description
Principal	getAuthorizationPrincipal() Returns the authorization Principal.
SecurityIdentity	getIdentity() Returns a cached SecurityIdentity, if present in the cache.
Principal	getPrincipal() Returns the Principal representing the cached identity.
boolean	isAuthorized() Indicates if a cached identity was successfully authorized.
boolean	isLocalCache() Indicates if authorization decisions should be performed based on the given IdentityCache only.
boolean	isOptional() Determine if this callback is optional.
boolean	needsInformation() Determine if this callback is requesting information.
void	setAuthorized(SecurityIdentity securityIdentity) Authorizes and caches the given securityIdentity.
void	setSecurityDomain(SecurityDomain securityDomain) Set the current SecurityDomain in order to obtain identities from the cache

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CachedIdentityAuthorizeCallback

public CachedIdentityAuthorizeCallback(org.wildfly.security.cache.IdentityCache identityCache)

Creates a new instance in order to authorize identities managed by the given identityCache.

Parameters:

identityCache - the identity cache

CachedIdentityAuthorizeCallback

public CachedIdentityAuthorizeCallback(org.wildfly.security.cache.IdentityCache identityCache,
                                       boolean localCache)

Creates a new instance in order to authorize identities managed by the given identityCache.

Parameters:

identityCache - the identity cache

localCache - if true, indicates that authorization should be based on the given identityCache only. In case the mechanism performing the authorization is wrapped by another one that provides a top-level cache (eg.: SSO), only the given identityCache will be considered.

CachedIdentityAuthorizeCallback

public CachedIdentityAuthorizeCallback(Function<SecurityDomain,org.wildfly.security.cache.IdentityCache> identityCache,
                                       boolean localCache)

Creates a new instance in order to authorize identities managed by the given identityCache.

This constructor can be used to perform caching operations (e.g.: put, get and remove) in the context of a SecurityDomain.

Parameters:

identityCache - a function that creates an IdentityCache given a SecurityDomain

localCache - if true, indicates that authorization should be based on the given identityCache only. In case the mechanism performing the authorization is wrapped by another one that provides a top-level cache (eg.: SSO), only the given identityCache will be considered.

CachedIdentityAuthorizeCallback

public CachedIdentityAuthorizeCallback(String name,
                                       org.wildfly.security.cache.IdentityCache identityCache)

Creates a new instance to authenticate, authorize and cache the identity associated with the given name.

Parameters:

name - the name associated with the identity

identityCache - the identity cache

CachedIdentityAuthorizeCallback

public CachedIdentityAuthorizeCallback(Principal principal,
                                       org.wildfly.security.cache.IdentityCache identityCache,
                                       boolean localCache)

Creates a new instance to authenticate, authorize and cache the identity associated with the given principal.

Parameters:

principal - the principal associated with the identity

identityCache - the identity cache

localCache - if true, indicates that authorization should be based on the given identityCache only. In case the mechanism performing the authorization is wrapped by another one that provides a top-level cache (eg.: SSO), only the given identityCache will be considered.

CachedIdentityAuthorizeCallback

public CachedIdentityAuthorizeCallback(Principal principal,
                                       org.wildfly.security.cache.IdentityCache identityCache)

Creates a new instance to authenticate, authorize and cache the identity associated with the given principal.

Parameters:

principal - the principal associated with the identity

identityCache - the identity cache

CachedIdentityAuthorizeCallback

public CachedIdentityAuthorizeCallback(Principal principal,
                                       Function<SecurityDomain,org.wildfly.security.cache.IdentityCache> identityCache,
                                       boolean localCache)

Creates a new instance to authenticate, authorize and cache the identity associated with the given principal.

This constructor can be used to perform caching operations (e.g.: put, get and remove) in the context of a SecurityDomain.

Parameters:

principal - the principal associated with the identity

identityCache - a function that creates an IdentityCache given a SecurityDomain

localCache - if true, indicates that authorization should be based on the given identityCache only. In case the mechanism performing the authorization is wrapped by another one that provides a top-level cache (eg.: SSO), only the given identityCache will be considered.

Method Detail

isAuthorized

public boolean isAuthorized()

Indicates if a cached identity was successfully authorized.

Returns:

true if the cached identity was successfully authorized. Otherwise, false

setAuthorized

public void setAuthorized(SecurityIdentity securityIdentity)

Authorizes and caches the given securityIdentity.

Parameters:

securityIdentity - the identity to authorize and cache. If null, the corresponding identity will be removed from the cache

getPrincipal

public Principal getPrincipal()

Returns the Principal representing the cached identity.

Returns:

the principal (not null)

getAuthorizationPrincipal

public Principal getAuthorizationPrincipal()

Returns the authorization Principal.

Returns:

the principal (not null)

getIdentity

public SecurityIdentity getIdentity()

Returns a cached SecurityIdentity, if present in the cache.

Returns:

the cached identity or null if there is no entry in the cache

isLocalCache

public boolean isLocalCache()

Indicates if authorization decisions should be performed based on the given IdentityCache only.

Returns:

true indicating that authorization decisions should be performed based on the given IdentityCache only. Otherwise, false

setSecurityDomain

public void setSecurityDomain(SecurityDomain securityDomain)

Set the current SecurityDomain in order to obtain identities from the cache

Parameters:

securityDomain - the current security domain

isOptional

public boolean isOptional()

Description copied from interface: ExtendedCallback

Determine if this callback is optional.

Specified by:

isOptional in interface ExtendedCallback

Returns:

true if the callback is optional, false if it is mandatory

needsInformation

public boolean needsInformation()

Description copied from interface: ExtendedCallback

Determine if this callback is requesting information.

Specified by:

needsInformation in interface ExtendedCallback

Returns:

true if the callback is requesting information, false if it is only providing information