Package org.wildfly.security.auth.realm

Class AggregateSecurityRealm

  • All Implemented Interfaces:
    SecurityRealm
    public final class AggregateSecurityRealm
extends Object
implements SecurityRealm
    A realm which directs authentication to one realm and authorization to another. The authentication realm need not provide any authorization information. Likewise the authorization realm need not provide any authentication credential acquisition or verification capabilities.
    Author:
    David M. Lloyd

    • Constructor Detail

      • AggregateSecurityRealm

        public AggregateSecurityRealm​(SecurityRealm authenticationRealm,
                              SecurityRealm authorizationRealm)
        Construct a new instance.
        Parameters:
        authenticationRealm - the realm to use for authentication
        authorizationRealm - the realm to use for authorization

      • AggregateSecurityRealm

        public AggregateSecurityRealm​(SecurityRealm authenticationRealm,
                              SecurityRealm... authorizationRealms)

    • Method Detail

      • getCredentialAcquireSupport

        public SupportLevel getCredentialAcquireSupport​(Class<? extends Credential> credentialType,
                                                String algorithmName,
                                                AlgorithmParameterSpec parameterSpec)
                                         throws RealmUnavailableException
        Description copied from interface: SecurityRealm
        Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.
        Specified by:
        getCredentialAcquireSupport in interface SecurityRealm
        Parameters:
        credentialType - the exact credential type (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
        parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters
        Returns:
        the level of support for this credential
        Throws:
        RealmUnavailableException - if the realm is not able to handle requests for any reason

      • getEvidenceVerifySupport

        public SupportLevel getEvidenceVerifySupport​(Class<? extends Evidence> evidenceType,
                                             String algorithmName)
                                      throws RealmUnavailableException
        Description copied from interface: SecurityRealm
        Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.
        Specified by:
        getEvidenceVerifySupport in interface SecurityRealm
        Parameters:
        evidenceType - the type of evidence to be verified (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the evidence type does not support algorithm names
        Returns:
        the level of support for this evidence type
        Throws:
        RealmUnavailableException - if the realm is not able to handle requests for any reason

      • handleRealmEvent

        public void handleRealmEvent​(RealmEvent event)
        Description copied from interface: SecurityRealm
        Handle a realm event. These events allow the realm to act upon occurrences that are relevant to policy of the realm; for example, the realm may choose to increase password iteration count on authentication success, or change the salt of a password after a certain number of authentications.

        The default implementation does nothing.

        Specified by:
        handleRealmEvent in interface SecurityRealm
        Parameters:
        event - the realm event