Package org.wildfly.security.auth.realm

Class FailoverSecurityRealm

java.lang.Object

org.wildfly.security.auth.realm.FailoverSecurityRealm

All Implemented Interfaces:

SecurityRealm

public class FailoverSecurityRealm
extends Object
implements SecurityRealm

A realm which wraps one realm and fails over to another in case the first is unavailable.

Author:

Martin Mazanek

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected class	FailoverSecurityRealm.FailoverRealmIdentity

Field Summary

Fields

Modifier and Type	Field	Description
protected SecurityRealm	delegateRealm
protected Consumer<RealmUnavailableException>	failoverCallback
protected SecurityRealm	failoverRealm

Fields inherited from interface org.wildfly.security.auth.server.SecurityRealm

EMPTY_REALM

Constructor Summary

Constructors

Constructor	Description
FailoverSecurityRealm(SecurityRealm delegateRealm, SecurityRealm failoverRealm, Consumer<RealmUnavailableException> failoverCallback)	Construct a new instance.

Method Summary

Modifier and Type	Method	Description
protected RealmIdentity	createFailoverIdentity(RealmIdentity identity, Principal principal)
protected RealmIdentity	createFailoverIdentity(RealmIdentity identity, Evidence evidence)
SupportLevel	getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)	Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.
SupportLevel	getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName)	Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.
RealmIdentity	getRealmIdentity(Principal principal)	Get a handle for to the identity for the given principal in the context of this security realm.
RealmIdentity	getRealmIdentity(Evidence evidence)	Get a handle for to the identity for the given evidence in the context of this security realm.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.wildfly.security.auth.server.SecurityRealm

getCredentialAcquireSupport, getRealmIdentity, handleRealmEvent

Field Detail

delegateRealm

protected final SecurityRealm delegateRealm

failoverRealm

protected final SecurityRealm failoverRealm

failoverCallback

protected final Consumer<RealmUnavailableException> failoverCallback

Constructor Detail

FailoverSecurityRealm

public FailoverSecurityRealm(SecurityRealm delegateRealm,
                             SecurityRealm failoverRealm,
                             Consumer<RealmUnavailableException> failoverCallback)

Construct a new instance.

Parameters:

delegateRealm - the wrapped realm

failoverRealm - the realm to use in case delegateRealm is unavailable

failoverCallback - callback function that gets called in case delegateRealm is unavailable

Method Detail

getRealmIdentity

public RealmIdentity getRealmIdentity(Evidence evidence)
                               throws RealmUnavailableException

Description copied from interface: SecurityRealm

Get a handle for to the identity for the given evidence in the context of this security realm. Any validation / name mapping is an implementation detail for the realm. The identity may or may not exist. The returned handle must be cleaned up by a call to RealmIdentity.dispose(). Where this method is used to obtain a RealmIdentity prior to evidence verification the method RealmIdentity.getEvidenceVerifySupport(Class, String) will be used to verify if the identity is usable.

Specified by:

getRealmIdentity in interface SecurityRealm

Parameters:

evidence - an evidence instance which identifies the identity within the realm (must not be null)

Returns:

the RealmIdentity for the provided evidence (not null)

Throws:

RealmUnavailableException

getRealmIdentity

public RealmIdentity getRealmIdentity(Principal principal)
                               throws RealmUnavailableException

Description copied from interface: SecurityRealm

Get a handle for to the identity for the given principal in the context of this security realm. Any validation / name mapping is an implementation detail for the realm. The identity may or may not exist. The returned handle must be cleaned up by a call to RealmIdentity.dispose().

Specified by:

getRealmIdentity in interface SecurityRealm

Parameters:

principal - the principal which identifies the identity within the realm (must not be null)

Returns:

the RealmIdentity for the provided principal (not null)

Throws:

RealmUnavailableException

getCredentialAcquireSupport

public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType,
                                                String algorithmName,
                                                AlgorithmParameterSpec parameterSpec)
                                         throws RealmUnavailableException

Description copied from interface: SecurityRealm

Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.

Specified by:

getCredentialAcquireSupport in interface SecurityRealm

Parameters:

credentialType - the exact credential type (must not be null)

algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names

parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters

Returns:

the level of support for this credential

Throws:

RealmUnavailableException - if the realm is not able to handle requests for any reason

getEvidenceVerifySupport

public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType,
                                             String algorithmName)
                                      throws RealmUnavailableException

Description copied from interface: SecurityRealm

Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.

Specified by:

getEvidenceVerifySupport in interface SecurityRealm

Parameters:

evidenceType - the type of evidence to be verified (must not be null)

algorithmName - the algorithm name, or null if any algorithm is acceptable or the evidence type does not support algorithm names

Returns:

the level of support for this evidence type

Throws:

RealmUnavailableException - if the realm is not able to handle requests for any reason

createFailoverIdentity

protected RealmIdentity createFailoverIdentity(RealmIdentity identity,
                                               Evidence evidence)

createFailoverIdentity

protected RealmIdentity createFailoverIdentity(RealmIdentity identity,
                                               Principal principal)