SecurityContext.java

/hazelcast/src/main/java/com/hazelcast/security/SecurityContext.java

https://bitbucket.org/gabral6_gmailcom/hazelcast
Java | 91 lines | 17 code | 10 blank | 64 comment | 0 complexity | 6fa913dd68bf6ee80377f95f2118e73c MD5 | raw file
 1/*
 2 * Copyright (c) 2008-2013, Hazelcast, Inc. All Rights Reserved.
 3 *
 4 * Licensed under the Apache License, Version 2.0 (the "License");
 5 * you may not use this file except in compliance with the License.
 6 * You may obtain a copy of the License at
 7 *
 8 * http://www.apache.org/licenses/LICENSE-2.0
 9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.hazelcast.security;
18
19import javax.security.auth.Subject;
20import javax.security.auth.login.LoginContext;
21import javax.security.auth.login.LoginException;
22import java.security.AccessControlException;
23import java.security.Permission;
24import java.security.PrivilegedExceptionAction;
25import java.util.concurrent.Callable;
26
27/**
28 * SecurityContext is responsible for managing lifecycle of security object such as
29 * {@link ICredentialsFactory}, {@link IPermissionPolicy} etc, to creating {@link LoginContext}es
30 * for member and client authentications and checking permissions for client operations.
31 */
32public interface SecurityContext {
33
34    /**
35     * Creates member {@link LoginContext}.
36     *
37     * @param credentials member credentials
38     * @return {@link LoginContext}
39     * @throws LoginException
40     */
41    LoginContext createMemberLoginContext(Credentials credentials) throws LoginException;
42
43    /**
44     * Creates client {@link LoginContext}.
45     *
46     * @param credentials client credentials
47     * @return {@link LoginContext}
48     * @throws LoginException
49     */
50    LoginContext createClientLoginContext(Credentials credentials) throws LoginException;
51
52    /**
53     * Returns current {@link ICredentialsFactory}.
54     *
55     * @return {@link ICredentialsFactory}
56     */
57    ICredentialsFactory getCredentialsFactory();
58
59    /**
60     * Checks whether current {@link Subject} has been granted specified permission or not.
61     *
62     * @param permission
63     * @throws AccessControlException
64     */
65    void checkPermission(Permission permission) throws AccessControlException;
66
67    /**
68     * Performs privileged work as a particular <code>Subject</code>.
69     *
70     * @param subject
71     * @param action
72     * @return result returned by the PrivilegedExceptionAction run method.
73     * @throws SecurityException
74     */
75    <T> T doAsPrivileged(Subject subject, PrivilegedExceptionAction<T> action) throws Exception, SecurityException;
76
77    /**
78     * Creates secure callable that runs in a sandbox.
79     *
80     * @param <V>      return type of callable
81     * @param subject
82     * @param callable
83     * @return result of callable
84     */
85    <V> SecureCallable<V> createSecureCallable(Subject subject, Callable<V> callable);
86
87    /**
88     * Destroys {@link SecurityContext} and all security elements.
89     */
90    void destroy();
91}