Package org.wildfly.security.auth.realm

Class SimpleMapBackedSecurityRealm

  • All Implemented Interfaces:
    SecurityRealm
    public class SimpleMapBackedSecurityRealm
extends Object
implements SecurityRealm
    Simple map-backed security realm. Uses an in-memory copy-on-write map methodology to map user names to entries. Since this security realm implementation holds all names in memory, it may not be the best choice for very large security realms.
    Author:
    David M. Lloyd, Darran Lofthouse

    • Constructor Detail

      • SimpleMapBackedSecurityRealm

        public SimpleMapBackedSecurityRealm​(NameRewriter rewriter)
        Construct a new instance.
        Parameters:
        rewriter - the name rewriter to use (cannot be null)

      • SimpleMapBackedSecurityRealm

        public SimpleMapBackedSecurityRealm​(NameRewriter rewriter,
                                    Supplier<Provider[]> providers)
        Construct a new instance.
        Parameters:
        rewriter - the name rewriter to use (cannot be null)
        providers - a supplier of providers for use by this realm (cannot be null)

      • SimpleMapBackedSecurityRealm

        public SimpleMapBackedSecurityRealm()
        Construct a new instance.

      • SimpleMapBackedSecurityRealm

        public SimpleMapBackedSecurityRealm​(Supplier<Provider[]> providers)
        Construct a new instance.
        Parameters:
        providers - a supplier of providers for use by this realm (cannot be null)

    • Method Detail

      • setIdentityMap

        public void setIdentityMap​(Map<String,​SimpleRealmEntry> map)
        Set the realm identity map. Note that the entry map must not be modified after calling this method. If it needs to be changed, pass in a new map that is a copy of the old map with the required changes.
        Parameters:
        map - the identity map where key is an identity name and value is an identity entry

      • setPasswordMap

        @Deprecated
public void setPasswordMap​(Map<String,​SimpleRealmEntry> map)
        Deprecated.
        Use setIdentityMap(Map) instead.
        Set the realm identity map. Note that the entry map must not be modified after calling this method. If it needs to be changed, pass in a new map that is a copy of the old map with the required changes.
        Parameters:
        map - the identity map

      • setPasswordMap

        @Deprecated
public void setPasswordMap​(String name,
                           Password password,
                           Attributes attributes)
        Deprecated.
        Use setIdentityMap(Map) instead.
        Set the realm identity map to contain a single entry.
        Parameters:
        name - the entry name
        password - the password
        attributes - the identity attributes

      • setPasswordMap

        @Deprecated
public void setPasswordMap​(String name,
                           Password password)
        Deprecated.
        Use setIdentityMap(Map) instead.
        Set the realm identity map to contain a single entry.
        Parameters:
        name - the entry name
        password - the password

      • getRealmIdentity

        public RealmIdentity getRealmIdentity​(Principal principal)
        Description copied from interface: SecurityRealm
        Get a handle for to the identity for the given principal in the context of this security realm. Any validation / name mapping is an implementation detail for the realm. The identity may or may not exist. The returned handle must be cleaned up by a call to RealmIdentity.dispose().
        Specified by:
        getRealmIdentity in interface SecurityRealm
        Parameters:
        principal - the principal which identifies the identity within the realm (must not be null)
        Returns:
        the RealmIdentity for the provided principal (not null)

      • getCredentialAcquireSupport

        public SupportLevel getCredentialAcquireSupport​(Class<? extends Credential> credentialType,
                                                String algorithmName,
                                                AlgorithmParameterSpec parameterSpec)
                                         throws RealmUnavailableException
        Description copied from interface: SecurityRealm
        Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.
        Specified by:
        getCredentialAcquireSupport in interface SecurityRealm
        Parameters:
        credentialType - the exact credential type (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
        parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters
        Returns:
        the level of support for this credential
        Throws:
        RealmUnavailableException - if the realm is not able to handle requests for any reason

      • getEvidenceVerifySupport

        public SupportLevel getEvidenceVerifySupport​(Class<? extends Evidence> evidenceType,
                                             String algorithmName)
                                      throws RealmUnavailableException
        Description copied from interface: SecurityRealm
        Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.
        Specified by:
        getEvidenceVerifySupport in interface SecurityRealm
        Parameters:
        evidenceType - the type of evidence to be verified (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the evidence type does not support algorithm names
        Returns:
        the level of support for this evidence type
        Throws:
        RealmUnavailableException - if the realm is not able to handle requests for any reason