1 /*
2 * JBoss, Home of Professional Open Source
3 * Copyright 2005, JBoss Inc., and individual contributors as indicated
4 * by the @authors tag. See the copyright.txt in the distribution for a
5 * full listing of individual contributors.
6 *
7 * This is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as
9 * published by the Free Software Foundation; either version 2.1 of
10 * the License, or (at your option) any later version.
11 *
12 * This software is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this software; if not, write to the Free
19 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21 */
22 package org.jboss.security.plugins;
23
24 import java.security.Principal;
25 import java.util.Set;
26
27 /** An MBean interface that unifies the AuthenticationManager and RealmMapping
28 * security interfaces implemented by a security manager for a given domain
29 * and provides access to this functionality across all domains by including
30 * the security domain name as a method argument.
31 *
32 * @author Scott.Stark@jboss.org
33 * @version $Revision: 37459 $
34 */
35 public interface SecurityManagerMBean
36 {
37
38 /** The isValid method is invoked to see if a user identity and associated
39 credentials as known in the operational environment are valid proof of the
40 user identity.
41 @param securityDomain - the name of the security to use
42 @param principal - the user identity in the operation environment
43 @param credential - the proof of user identity as known in the
44 operation environment
45 @return true if the principal, credential pair is valid, false otherwise.
46 */
47 public boolean isValid(String securityDomain, Principal principal, Object credential);
48
49 /** Map from the operational environment Principal to the application
50 domain principal. This is used by the EJBContext.getCallerPrincipal implentation
51 to map from the authenticated principal to a principal in the application
52 domain.
53 @param principal - the caller principal as known in the operation environment.
54 @return the principal
55 */
56 public Principal getPrincipal(String securityDomain, Principal principal);
57
58 /** Validates the application domain roles to which the operational
59 environment Principal belongs. This may first authenticate the principal
60 as some security manager impls require a preceeding isValid call.
61 @param securityDomain - the name of the security to use
62 @param principal - the user identity in the operation environment
63 @param credential - the proof of user identity as known in the
64 @param roles - Set<Principal> for the application domain roles that the
65 principal is to be validated against.
66 @return true if the principal has at least one of the roles in the roles set,
67 false otherwise.
68 */
69 public boolean doesUserHaveRole(String securityDomain, Principal principal,
70 Object credential, Set roles);
71
72 /** Return the set of domain roles the principal has been assigned.
73 This may first authenticate the principal as some security manager impls
74 require a preceeding isValid call.
75 @param securityDomain - the name of the security to use
76 @param principal - the user identity in the operation environment
77 @param credential - the proof of user identity as known in the
78 @return The Set<Principal> for the application domain roles that the
79 principal has been assigned.
80 */
81 public Set getUserRoles(String securityDomain, Principal principal,
82 Object credential);
83 }
Save This Page