Class CachedIdentityAuthorizeCallback
- java.lang.Object
-
- org.wildfly.security.auth.callback.CachedIdentityAuthorizeCallback
-
- All Implemented Interfaces:
Callback
,ExtendedCallback
public class CachedIdentityAuthorizeCallback extends Object implements ExtendedCallback
A callback that is capable of perform authorization based on the identities managed by an
IdentityCache
.This callback can be used in two ways:
- As an alternative to
AuthorizeCallback
. As a result, the identity (if successfully authorized) will be cached - To perform a lookup in the cache and authorize the cached identity locally
- Author:
- Pedro Igor
-
-
Constructor Summary
Constructors Constructor Description CachedIdentityAuthorizeCallback(String name, org.wildfly.security.cache.IdentityCache identityCache)
Creates a new instance to authenticate, authorize and cache the identity associated with the givenname
.CachedIdentityAuthorizeCallback(Principal principal, Function<SecurityDomain,org.wildfly.security.cache.IdentityCache> identityCache, boolean localCache)
Creates a new instance to authenticate, authorize and cache the identity associated with the givenprincipal
.CachedIdentityAuthorizeCallback(Principal principal, org.wildfly.security.cache.IdentityCache identityCache)
Creates a new instance to authenticate, authorize and cache the identity associated with the givenprincipal
.CachedIdentityAuthorizeCallback(Principal principal, org.wildfly.security.cache.IdentityCache identityCache, boolean localCache)
Creates a new instance to authenticate, authorize and cache the identity associated with the givenprincipal
.CachedIdentityAuthorizeCallback(Function<SecurityDomain,org.wildfly.security.cache.IdentityCache> identityCache, boolean localCache)
Creates a new instance in order to authorize identities managed by the givenidentityCache
.CachedIdentityAuthorizeCallback(org.wildfly.security.cache.IdentityCache identityCache)
Creates a new instance in order to authorize identities managed by the givenidentityCache
.CachedIdentityAuthorizeCallback(org.wildfly.security.cache.IdentityCache identityCache, boolean localCache)
Creates a new instance in order to authorize identities managed by the givenidentityCache
.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Principal
getAuthorizationPrincipal()
Returns the authorizationPrincipal
.SecurityIdentity
getIdentity()
Returns a cachedSecurityIdentity
, if present in the cache.Principal
getPrincipal()
Returns thePrincipal
representing the cached identity.boolean
isAuthorized()
Indicates if a cached identity was successfully authorized.boolean
isLocalCache()
Indicates if authorization decisions should be performed based on the givenIdentityCache
only.boolean
isOptional()
Determine if this callback is optional.boolean
needsInformation()
Determine if this callback is requesting information.void
setAuthorized(SecurityIdentity securityIdentity)
Authorizes and caches the givensecurityIdentity
.void
setSecurityDomain(SecurityDomain securityDomain)
Set the currentSecurityDomain
in order to obtain identities from the cache
-
-
-
Constructor Detail
-
CachedIdentityAuthorizeCallback
public CachedIdentityAuthorizeCallback(org.wildfly.security.cache.IdentityCache identityCache)
Creates a new instance in order to authorize identities managed by the givenidentityCache
.- Parameters:
identityCache
- the identity cache
-
CachedIdentityAuthorizeCallback
public CachedIdentityAuthorizeCallback(org.wildfly.security.cache.IdentityCache identityCache, boolean localCache)
Creates a new instance in order to authorize identities managed by the givenidentityCache
.- Parameters:
identityCache
- the identity cachelocalCache
- if true, indicates that authorization should be based on the givenidentityCache
only. In case the mechanism performing the authorization is wrapped by another one that provides a top-level cache (eg.: SSO), only the givenidentityCache
will be considered.
-
CachedIdentityAuthorizeCallback
public CachedIdentityAuthorizeCallback(Function<SecurityDomain,org.wildfly.security.cache.IdentityCache> identityCache, boolean localCache)
Creates a new instance in order to authorize identities managed by the given
identityCache
.This constructor can be used to perform caching operations (e.g.: put, get and remove) in the context of a
SecurityDomain
.- Parameters:
identityCache
- a function that creates anIdentityCache
given aSecurityDomain
localCache
- if true, indicates that authorization should be based on the givenidentityCache
only. In case the mechanism performing the authorization is wrapped by another one that provides a top-level cache (eg.: SSO), only the givenidentityCache
will be considered.
-
CachedIdentityAuthorizeCallback
public CachedIdentityAuthorizeCallback(String name, org.wildfly.security.cache.IdentityCache identityCache)
Creates a new instance to authenticate, authorize and cache the identity associated with the givenname
.- Parameters:
name
- the name associated with the identityidentityCache
- the identity cache
-
CachedIdentityAuthorizeCallback
public CachedIdentityAuthorizeCallback(Principal principal, org.wildfly.security.cache.IdentityCache identityCache, boolean localCache)
Creates a new instance to authenticate, authorize and cache the identity associated with the givenprincipal
.- Parameters:
principal
- the principal associated with the identityidentityCache
- the identity cachelocalCache
- if true, indicates that authorization should be based on the givenidentityCache
only. In case the mechanism performing the authorization is wrapped by another one that provides a top-level cache (eg.: SSO), only the givenidentityCache
will be considered.
-
CachedIdentityAuthorizeCallback
public CachedIdentityAuthorizeCallback(Principal principal, org.wildfly.security.cache.IdentityCache identityCache)
Creates a new instance to authenticate, authorize and cache the identity associated with the givenprincipal
.- Parameters:
principal
- the principal associated with the identityidentityCache
- the identity cache
-
CachedIdentityAuthorizeCallback
public CachedIdentityAuthorizeCallback(Principal principal, Function<SecurityDomain,org.wildfly.security.cache.IdentityCache> identityCache, boolean localCache)
Creates a new instance to authenticate, authorize and cache the identity associated with the given
principal
.This constructor can be used to perform caching operations (e.g.: put, get and remove) in the context of a
SecurityDomain
.- Parameters:
principal
- the principal associated with the identityidentityCache
- a function that creates anIdentityCache
given aSecurityDomain
localCache
- if true, indicates that authorization should be based on the givenidentityCache
only. In case the mechanism performing the authorization is wrapped by another one that provides a top-level cache (eg.: SSO), only the givenidentityCache
will be considered.
-
-
Method Detail
-
isAuthorized
public boolean isAuthorized()
Indicates if a cached identity was successfully authorized.- Returns:
- true if the cached identity was successfully authorized. Otherwise, false
-
setAuthorized
public void setAuthorized(SecurityIdentity securityIdentity)
Authorizes and caches the givensecurityIdentity
.- Parameters:
securityIdentity
- the identity to authorize and cache. If null, the corresponding identity will be removed from the cache
-
getPrincipal
public Principal getPrincipal()
Returns thePrincipal
representing the cached identity.- Returns:
- the principal (not
null
)
-
getAuthorizationPrincipal
public Principal getAuthorizationPrincipal()
Returns the authorizationPrincipal
.- Returns:
- the principal (not
null
)
-
getIdentity
public SecurityIdentity getIdentity()
Returns a cachedSecurityIdentity
, if present in the cache.- Returns:
- the cached identity or null if there is no entry in the cache
-
isLocalCache
public boolean isLocalCache()
Indicates if authorization decisions should be performed based on the givenIdentityCache
only.- Returns:
- true indicating that authorization decisions should be performed based on the given
IdentityCache
only. Otherwise, false
-
setSecurityDomain
public void setSecurityDomain(SecurityDomain securityDomain)
Set the currentSecurityDomain
in order to obtain identities from the cache- Parameters:
securityDomain
- the current security domain
-
isOptional
public boolean isOptional()
Description copied from interface:ExtendedCallback
Determine if this callback is optional.- Specified by:
isOptional
in interfaceExtendedCallback
- Returns:
true
if the callback is optional,false
if it is mandatory
-
needsInformation
public boolean needsInformation()
Description copied from interface:ExtendedCallback
Determine if this callback is requesting information.- Specified by:
needsInformation
in interfaceExtendedCallback
- Returns:
true
if the callback is requesting information,false
if it is only providing information
-
-