Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep
Overview  Package   Class  Use  Deprecated  Index 
Home >> All >> org >> [ acegisecurity overview ]  PREV CLASS  NEXT CLASS
SUMMARY: JavaDoc of org.acegisecurity.RunAsManager JAVADOC | Sourc code of org.acegisecurity.RunAsManager SOURCE | Download org.acegisecurity.RunAsManager DOWNLOAD | NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.acegisecurity
Interface RunAsManager  view RunAsManager download RunAsManager.java

public interface RunAsManager

Creates a new temporary Authentication object for the current secure object invocation only.

This interface permits implementations to replace the Authentication object that applies to the current secure object invocation only. The org.acegisecurity.intercept.AbstractSecurityInterceptor will replace the Authentication object held in the SecurityContext for the duration of the secure object callback only, returning it to the original Authentication object when the callback ends.

This is provided so that systems with two layers of objects can be established. One layer is public facing and has normal secure methods with the granted authorities expected to be held by external callers. The other layer is private, and is only expected to be called by objects within the public facing layer. The objects in this private layer still need security (otherwise they would be public methods) and they also need security in such a manner that prevents them being called directly by external callers. The objects in the private layer would be configured to require granted authorities never granted to external callers. The RunAsManager interface provides a mechanism to elevate security in this manner.

It is expected implementations will provide a corresponding concrete Authentication and AuthenticationProvider so that the replacement Authentication object can be authenticated. Some form of security will need to be implemented to ensure the AuthenticationProvider only accepts Authentication objects created by an authorized concrete implementation of RunAsManager.

Version:
$Id: RunAsManager.java,v 1.7 2005/11/17 00:55:49 benalex Exp $

Method Summary
 Authentication buildRunAs(Authentication authentication, java.lang.Object object, ConfigAttributeDefinition config)
          Returns a replacement Authentication object for the current secure object invocation, or null if replacement not required.
 boolean supports(ConfigAttribute attribute)
          Indicates whether this RunAsManager is able to process the passed ConfigAttribute.
 

Method Detail

buildRunAs

public Authentication buildRunAs(Authentication authentication,
                                 java.lang.Object object,
                                 ConfigAttributeDefinition config)
Returns a replacement Authentication object for the current secure object invocation, or null if replacement not required.

supports

public boolean supports(ConfigAttribute attribute)
Indicates whether this RunAsManager is able to process the passed ConfigAttribute.

This allows the AbstractSecurityInterceptor to check every configuration attribute can be consumed by the configured AccessDecisionManager and/or RunAsManager and/or AfterInvocationManager.

Overview  Package   Class  Use  Deprecated  Index 
Home >> All >> org >> [ acegisecurity overview ]  PREV CLASS  NEXT CLASS
SUMMARY: JavaDoc of org.acegisecurity.RunAsManager JAVADOC | Sourc code of org.acegisecurity.RunAsManager SOURCE | Download org.acegisecurity.RunAsManager DOWNLOAD | NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD