/hazelcast/src/main/java/com/hazelcast/security/SecurityContext.java


  1. /*
  2. * Copyright (c) 2008-2013, Hazelcast, Inc. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License, Version 2.0 (the "License");
  5. * you may not use this file except in compliance with the License.
  6. * You may obtain a copy of the License at
  7. *
  8. * http://www.apache.org/licenses/LICENSE-2.0
  9. *
  10. * Unless required by applicable law or agreed to in writing, software
  11. * distributed under the License is distributed on an "AS IS" BASIS,
  12. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. * See the License for the specific language governing permissions and
  14. * limitations under the License.
  15. */
  16. package com.hazelcast.security;
  17. import javax.security.auth.Subject;
  18. import javax.security.auth.login.LoginContext;
  19. import javax.security.auth.login.LoginException;
  20. import java.security.AccessControlException;
  21. import java.security.Permission;
  22. import java.security.PrivilegedExceptionAction;
  23. import java.util.concurrent.Callable;
  /**
   * Contract for the component that owns a node's security objects, such as the
   * {@link ICredentialsFactory} and the {@link IPermissionPolicy}.
   *
   * <p>Through this interface callers obtain JAAS {@link LoginContext}s for member and client
   * authentication, check permissions for client operations, run work on behalf of a
   * {@link Subject}, and finally release everything via {@link #destroy()}.
   *
   * <p>NOTE(review): only the contract is visible here. Thread-safety, null handling and the
   * behaviour of any method after {@link #destroy()} are not specified by this file and must be
   * confirmed against the implementation.
   */
  public interface SecurityContext {

      /**
       * Creates the {@link LoginContext} used to authenticate a cluster member.
       *
       * @param credentials credentials presented by the member; these are authentication
       *                    material and should be kept out of logs and exception messages
       * @return the member {@link LoginContext}
       * @throws LoginException declared by the contract; presumably raised when the login
       *                        context cannot be set up (confirm against the implementation)
       */
      LoginContext createMemberLoginContext(Credentials credentials) throws LoginException;

      /**
       * Creates the {@link LoginContext} used to authenticate a client.
       *
       * @param credentials credentials presented by the client; these are authentication
       *                    material and should be kept out of logs and exception messages
       * @return the client {@link LoginContext}
       * @throws LoginException declared by the contract; presumably raised when the login
       *                        context cannot be set up (confirm against the implementation)
       */
      LoginContext createClientLoginContext(Credentials credentials) throws LoginException;

      /**
       * Returns the {@link ICredentialsFactory} currently held by this context.
       *
       * @return the current {@link ICredentialsFactory}
       */
      ICredentialsFactory getCredentialsFactory();

      /**
       * Checks whether the current {@link Subject} has been granted the given permission.
       *
       * <p>The method returns nothing, so a denial can only be signalled through the exception.
       * Callers must therefore let the exception propagate (or handle it as a denial) rather
       * than swallow it, otherwise the check has no effect.
       *
       * <p>NOTE(review): {@link AccessControlException} is deprecated for removal in recent JDKs
       * together with the Security Manager; keep that in mind when targeting newer runtimes.
       *
       * @param permission the permission to check
       * @throws AccessControlException if the permission has not been granted
       */
      void checkPermission(Permission permission) throws AccessControlException;

      /**
       * Performs privileged work as a particular {@code Subject}.
       *
       * <p>{@link SecurityException} is unchecked, so its presence in the {@code throws} clause
       * is informational; the checked {@link Exception} is what callers are forced to handle.
       *
       * @param <T> type of the value produced by the action
       * @param subject the {@link Subject} on whose behalf the action runs
       * @param action the work to perform
       * @return result returned by the {@link PrivilegedExceptionAction} run method
       * @throws Exception declared by the contract; presumably whatever the action itself
       *                   throws (confirm against the implementation)
       * @throws SecurityException declared by the contract; the triggering condition is not
       *                           visible from this interface
       */
      <T> T doAsPrivileged(Subject subject, PrivilegedExceptionAction<T> action)
              throws Exception, SecurityException;

      /**
       * Creates a secure callable that runs in a sandbox.
       *
       * <p>NOTE(review): what the sandbox restricts is defined by the implementation and by
       * {@link SecureCallable}; nothing in this interface describes its boundaries, so do not
       * assume isolation guarantees without checking them.
       *
       * @param <V> return type of the callable
       * @param subject the {@link Subject} associated with the secure callable
       * @param callable the task to wrap
       * @return a {@link SecureCallable} for the given callable (the wrapper itself, not the
       *         result of running it)
       */
      <V> SecureCallable<V> createSecureCallable(Subject subject, Callable<V> callable);

      /**
       * Destroys this {@link SecurityContext} and all security elements.
       */
      void destroy();
  }