File Doc Category Size Date Package
SecurityContext.java API Doc JBoss 4.2.1 2997 Fri Jul 13 21:02:28 BST 2007 org.jboss.aspects.security

SecurityContext

java.lang.Object

public class SecurityContext extends Object

Obtain security information based on the current security domain.

author: Bill Burke
version: $Revision: 57186 $

Fields Summary
protected static ThreadLocal
currentDomain
Constructors Summary
Methods Summary
public static java.security.Principal getCallerPrincipal()
Get the caller's principal
return
return SecurityActions.getCallerPrincipal();
public static java.lang.ThreadLocal getCurrentDomain()
return currentDomain;
public static java.security.Principal getCurrentPrincipal()
Get the current principal. Could be run-as, or propagated
return
return SecurityActions.getPrincipal();
public static boolean isCallerInRole(java.lang.String roleName)
Is the caller's security identity within the role Does not include current run-as
param
roleName
return
return isInRole(getCallerPrincipal(), roleName);
public static boolean isCurrentInRole(java.lang.String roleName)
Checks current identity is within roleName Does include current run-as
param
roleName
return
return isInRole(getCurrentPrincipal(), roleName);
private static boolean isInRole(java.security.Principal principal, java.lang.String roleName)
RealmMapping rm = (RealmMapping)currentDomain.get(); if (rm == null) return false; HashSet set = new HashSet(); set.add(new SimplePrincipal(roleName)); if (principal instanceof RunAsIdentity) { return ((RunAsIdentity)principal).doesUserHaveRole(set); } else { return rm.doesUserHaveRole(principal, set); }