FileDocCategorySizeDatePackage
SecurityManager.javaAPI DocGlassfish v2 API4314Fri May 04 22:33:16 BST 2007com.sun.enterprise

SecurityManager

public interface SecurityManager
This interface is used by the Container to manage access to EJBs. The container has a reference to an implementation of this interface.
author
Harish Prabandham

Fields Summary
Constructors Summary
Methods Summary
public booleanauthorize(Invocation inv)

param
The Invocation object containing the details of the invocation.
return
true if the client is allowed to invoke the EJB, false otherwise.

public voiddestroy()
Call this method to clean up all the bookeeping
data-structures in the SM.
public java.lang.ObjectdoAsPrivileged(java.security.PrivilegedExceptionAction pea)
public java.security.PrincipalgetCallerPrincipal()
return
The Principal of the client who made the current
invocation.
public javax.security.auth.SubjectgetCurrentSubject()
This will return the subject associated with the current
call. If the run as subject is in effect. It will return that
subject. This is done to support the JACC specification which says
if the runas principal is in effect, that principal should be used
for making a component call.
return
Subject the current subject. Null if this is not the
runas case
public booleanisCallerInRole(java.lang.String role)
return
A boolean true/false depending on whether or not the caller
has the specified role.
param
The EJB developer specified "logical role".
public voidpostInvoke(ComponentInvocation inv)
This method is used by the Invocation Manager to remove
the run-as identity information that was set up using the
preInvoke
param
ComponentInvocation
public voidpreInvoke(ComponentInvocation inv)
This sets up the security context - if not set
and does run-as related login if required
param
ComponentInvocation