org.jboss.as.domain.management.security

Class SecurityRealmService

java.lang.Object

org.jboss.as.domain.management.security.SecurityRealmService

All Implemented Interfaces:

SecurityRealm, org.jboss.msc.Service, org.jboss.msc.value.Value<SecurityRealm>

public class SecurityRealmService
extends Object
implements org.jboss.msc.service.Service<SecurityRealm>, SecurityRealm

The service representing the security realm, this service will be injected into any management interfaces requiring any of the capabilities provided by the realm.

Author:

Darran Lofthouse, Richard Opalka

Nested Class Summary

Nested classes/interfaces inherited from interface org.jboss.as.domain.management.SecurityRealm

SecurityRealm.ServiceUtil

Field Summary

Fields

Modifier and Type	Field and Description
static Oid	KERBEROS_V5
static String	LOADED_USERNAME_KEY
static String	SKIP_GROUP_LOADING_KEY
static Oid	SPNEGO

Fields inherited from interface org.jboss.msc.service.Service

NULL, NULL_VALUE

Constructor Summary

Constructors

Constructor and Description
SecurityRealmService(Consumer<SecurityRealm> securityRealmConsumer, Supplier<SubjectSupplementalService> subjectSupplementalSupplier, Supplier<CallbackHandlerFactory> secretCallbackFactorySupplier, Supplier<org.jboss.as.domain.management.security.KeytabIdentityFactoryService> keytabFactorySupplier, Supplier<SSLContext> sslContextSupplier, Supplier<String> tmpDirPathSupplier, Set<Supplier<CallbackHandlerService>> callbackHandlerServices, String name, boolean mapGroupsToRoles)
SecurityRealmService(String name, boolean mapGroupsToRoles) Deprecated.

Method Summary

Modifier and Type	Method and Description
static org.wildfly.security.permission.PermissionVerifier	createPermissionVerifier()
AuthorizingCallbackHandler	getAuthorizingCallbackHandler(AuthMechanism mechanism)
org.wildfly.security.auth.server.HttpAuthenticationFactory	getHttpAuthenticationFactory() Get a HttpAuthenticationFactory backed by this SecurityRealm.
Map<String,String>	getMechanismConfig(AuthMechanism mechanism)
String	getName()
org.wildfly.security.auth.server.SaslAuthenticationFactory	getSaslAuthenticationFactory() Get a SaslAuthenticationFactory backed by this SecurityRealm.
org.wildfly.security.auth.server.SaslAuthenticationFactory	getSaslAuthenticationFactory(String[] mechanismNames, Boolean policyNoanonymous) Get a SaslAuthenticationFactory backed by this SecurityRealm.
CallbackHandlerFactory	getSecretCallbackHandlerFactory()
SSLContext	getSSLContext() Used to obtain the SSLContext as configured for this security realm.
org.jboss.msc.value.InjectedValue<SSLContext>	getSSLContextInjector() Deprecated.
SubjectIdentity	getSubjectIdentity(String protocol, String forHost) Used to obtain a SubjectIdentity containing a Subject for the Kerberos server identity represented by this SecurityRealm.
Set<AuthMechanism>	getSupportedAuthenticationMechanisms()
org.jboss.msc.inject.Injector<String>	getTmpDirPathInjector() Deprecated.
SecurityRealm	getValue() Deprecated.
boolean	isReadyForHttpChallenge() Indicate of this security realm is ready for challenge/response style HTTP authentication.
void	start(org.jboss.msc.service.StartContext context)
void	stop(org.jboss.msc.service.StopContext context)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.jboss.msc.Service

newInstance

Field Detail

LOADED_USERNAME_KEY

public static final String LOADED_USERNAME_KEY

SKIP_GROUP_LOADING_KEY

public static final String SKIP_GROUP_LOADING_KEY

KERBEROS_V5

public static final Oid KERBEROS_V5

SPNEGO

public static final Oid SPNEGO

Constructor Detail

SecurityRealmService

@Deprecated
public SecurityRealmService(String name,
                                        boolean mapGroupsToRoles)

Deprecated.

SecurityRealmService

public SecurityRealmService(Consumer<SecurityRealm> securityRealmConsumer,
                            Supplier<SubjectSupplementalService> subjectSupplementalSupplier,
                            Supplier<CallbackHandlerFactory> secretCallbackFactorySupplier,
                            Supplier<org.jboss.as.domain.management.security.KeytabIdentityFactoryService> keytabFactorySupplier,
                            Supplier<SSLContext> sslContextSupplier,
                            Supplier<String> tmpDirPathSupplier,
                            Set<Supplier<CallbackHandlerService>> callbackHandlerServices,
                            String name,
                            boolean mapGroupsToRoles)

Method Detail

getSSLContextInjector

@Deprecated
public org.jboss.msc.value.InjectedValue<SSLContext> getSSLContextInjector()

Deprecated.

getTmpDirPathInjector

@Deprecated
public org.jboss.msc.inject.Injector<String> getTmpDirPathInjector()

Deprecated.

getValue

@Deprecated
public SecurityRealm getValue()
                                   throws IllegalStateException,
                                          IllegalArgumentException

Deprecated.

Specified by:

getValue in interface org.jboss.msc.value.Value<SecurityRealm>

Throws:

IllegalStateException

IllegalArgumentException

start

public void start(org.jboss.msc.service.StartContext context)
           throws org.jboss.msc.service.StartException

Specified by:

start in interface org.jboss.msc.Service

Throws:

org.jboss.msc.service.StartException

stop

public void stop(org.jboss.msc.service.StopContext context)

Specified by:

stop in interface org.jboss.msc.Service

createPermissionVerifier

public static org.wildfly.security.permission.PermissionVerifier createPermissionVerifier()

getName

public String getName()

Specified by:

getName in interface SecurityRealm

Returns:

The name of this SecurityRealm

getSupportedAuthenticationMechanisms

public Set<AuthMechanism> getSupportedAuthenticationMechanisms()

Specified by:

getSupportedAuthenticationMechanisms in interface SecurityRealm

Returns:

The set of authentication mechanisms supported by this realm.

getMechanismConfig

public Map<String,String> getMechanismConfig(AuthMechanism mechanism)

Specified by:

getMechanismConfig in interface SecurityRealm

Returns:

A Map containing the combined configuration options for the specified mechanisms.

isReadyForHttpChallenge

public boolean isReadyForHttpChallenge()

Description copied from interface: SecurityRealm

Indicate of this security realm is ready for challenge/response style HTTP authentication.

Specified by:

isReadyForHttpChallenge in interface SecurityRealm

Returns:

true if the security realm is ready for challenge/response style HTTP authentication.

getAuthorizingCallbackHandler

public AuthorizingCallbackHandler getAuthorizingCallbackHandler(AuthMechanism mechanism)

Specified by:

getAuthorizingCallbackHandler in interface SecurityRealm

Parameters:

mechanism - - The mechanism being used for authentication.

Returns:

The AuthorizingCallbackHandler for the specified mechanism.

getSubjectIdentity

public SubjectIdentity getSubjectIdentity(String protocol,
                                          String forHost)

Description copied from interface: SecurityRealm

Used to obtain a SubjectIdentity containing a Subject for the Kerberos server identity represented by this SecurityRealm. This method can return null if there is no appropriate identity.

Specified by:

getSubjectIdentity in interface SecurityRealm

Parameters:

protocol - The protocol in use.

forHost - The name of the host this identity should represent.

Returns:

A SubjectIdentity for the server identity or null if none are available.

getSaslAuthenticationFactory

public org.wildfly.security.auth.server.SaslAuthenticationFactory getSaslAuthenticationFactory()

Description copied from interface: SecurityRealm

Get a SaslAuthenticationFactory backed by this SecurityRealm.

Specified by:

getSaslAuthenticationFactory in interface SecurityRealm

Returns:

a SaslAuthenticationFactory backed by this SecurityRealm.

getSaslAuthenticationFactory

public org.wildfly.security.auth.server.SaslAuthenticationFactory getSaslAuthenticationFactory(String[] mechanismNames,
                                                                                               Boolean policyNoanonymous)
                                                                                        throws org.jboss.msc.service.StartException

Description copied from interface: SecurityRealm

Get a SaslAuthenticationFactory backed by this SecurityRealm.

Specified by:

getSaslAuthenticationFactory in interface SecurityRealm

Parameters:

mechanismNames - Allowed mechanisms defined in remoting subsystem by property SASL_MECHANISMS

policyNoanonymous - Value of parameter SASL_POLICY_NOANONYMOUS

Returns:

a SaslAuthenticationFactory backed by this SecurityRealm.

Throws:

org.jboss.msc.service.StartException - When any of mechanismNames is not suuported.

getHttpAuthenticationFactory

public org.wildfly.security.auth.server.HttpAuthenticationFactory getHttpAuthenticationFactory()

Description copied from interface: SecurityRealm

Get a HttpAuthenticationFactory backed by this SecurityRealm.

Specified by:

getHttpAuthenticationFactory in interface SecurityRealm

Returns:

a HttpAuthenticationFactory backed by this SecurityRealm.

getSSLContext

public SSLContext getSSLContext()

Description copied from interface: SecurityRealm

Used to obtain the SSLContext as configured for this security realm.

Specified by:

getSSLContext in interface SecurityRealm

Returns:

the SSLContext server identity for this realm.

getSecretCallbackHandlerFactory

public CallbackHandlerFactory getSecretCallbackHandlerFactory()

Specified by:

getSecretCallbackHandlerFactory in interface SecurityRealm

Returns:

A CallbackHandlerFactory for a pre-configured secret.