Interface SecurityContext


  • public interface SecurityContext
    An injectable interface that provides access to security related information.
    Since:
    1.0
    See Also:
    Context
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String BASIC_AUTH
      String identifier for Basic authentication.
      static java.lang.String CLIENT_CERT_AUTH
      String identifier for Client Certificate authentication.
      static java.lang.String DIGEST_AUTH
      String identifier for Digest authentication.
      static java.lang.String FORM_AUTH
      String identifier for Form authentication.
    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      java.lang.String getAuthenticationScheme()
      Returns the string value of the authentication scheme used to protect the resource.
      java.security.Principal getUserPrincipal()
      Returns a java.security.Principal object containing the name of the current authenticated user.
      boolean isSecure()
      Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.
      boolean isUserInRole​(java.lang.String role)
      Returns a boolean indicating whether the authenticated user is included in the specified logical "role".
    • Field Detail

      • BASIC_AUTH

        static final java.lang.String BASIC_AUTH
        String identifier for Basic authentication. Value "BASIC"
        See Also:
        Constant Field Values
      • CLIENT_CERT_AUTH

        static final java.lang.String CLIENT_CERT_AUTH
        String identifier for Client Certificate authentication. Value "CLIENT_CERT"
        See Also:
        Constant Field Values
      • DIGEST_AUTH

        static final java.lang.String DIGEST_AUTH
        String identifier for Digest authentication. Value "DIGEST"
        See Also:
        Constant Field Values
      • FORM_AUTH

        static final java.lang.String FORM_AUTH
        String identifier for Form authentication. Value "FORM"
        See Also:
        Constant Field Values
    • Method Detail

      • getUserPrincipal

        java.security.Principal getUserPrincipal()
        Returns a java.security.Principal object containing the name of the current authenticated user. If the user has not been authenticated, the method returns null.
        Returns:
        a java.security.Principal containing the name of the user making this request; null if the user has not been authenticated
        Throws:
        java.lang.IllegalStateException - if called outside the scope of a request
      • isUserInRole

        boolean isUserInRole​(java.lang.String role)
        Returns a boolean indicating whether the authenticated user is included in the specified logical "role". If the user has not been authenticated, the method returns false.
        Parameters:
        role - a String specifying the name of the role
        Returns:
        a boolean indicating whether the user making the request belongs to a given role; false if the user has not been authenticated
        Throws:
        java.lang.IllegalStateException - if called outside the scope of a request
      • isSecure

        boolean isSecure()
        Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.
        Returns:
        true if the request was made using a secure channel, false otherwise
        Throws:
        java.lang.IllegalStateException - if called outside the scope of a request
      • getAuthenticationScheme

        java.lang.String getAuthenticationScheme()
        Returns the string value of the authentication scheme used to protect the resource. If the resource is not authenticated, null is returned. Values are the same as the CGI variable AUTH_TYPE
        Returns:
        one of the static members BASIC_AUTH, FORM_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH (suitable for == comparison) or the container-specific string indicating the authentication scheme, or null if the request was not authenticated.
        Throws:
        java.lang.IllegalStateException - if called outside the scope of a request