org.apache.openejb.client

Class ClientSecurity

java.lang.Object

org.apache.openejb.client.ClientSecurity

public class ClientSecurity
extends Object

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	ClientSecurity.SimpleIdentityResolver

Field Summary

Fields

Modifier and Type	Field and Description
static String	IDENTITY_RESOLVER_STRATEGY

Method Summary

Methods

Modifier and Type	Method and Description
static Object	directAuthentication(String username, String password, ServerMetaData server) This is a helper method for login modules.
static Object	directAuthentication(String securityRealm, String username, String password, ServerMetaData server)
static Object	getIdentity()
static IdentityResolver	getIdentityResolver()
static ServerMetaData	getServer()
static void	login(String username, String password) Login the spedified user using the specified password.
static void	login(String username, String password, boolean threadScoped) Login the spedified user using the specified password either globally for the entire Java Virtural Machine or scoped to the thread.
static void	logout() Clears the thread and global login data.
static void	setIdentityResolver(IdentityResolver identityResolver)
static void	setServer(ServerMetaData server)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

IDENTITY_RESOLVER_STRATEGY

public static final String IDENTITY_RESOLVER_STRATEGY

See Also:

Constant Field Values

Method Detail

getServer

public static ServerMetaData getServer()

setServer

public static void setServer(ServerMetaData server)

login

public static void login(String username,
         String password)
                  throws FailedLoginException

Login the spedified user using the specified password. This is a global login for the entire Java Virtural Machine. If you would like to have a thread scoped login, use ClientSecurity.login(username, password, true);

This is the equivalent of ClientSecurity.login(username, password, false);

Parameters:

username - the user to login

password - the password for the user

Throws:

FailedLoginException - if the username and password combination are not valid or if there is a problem communiating with the server

login

public static void login(String username,
         String password,
         boolean threadScoped)
                  throws FailedLoginException

Login the spedified user using the specified password either globally for the entire Java Virtural Machine or scoped to the thread.

When using thread scoped login, you should logout in a finally block. This particularly when using thread pools. If a thread is returned to the pool with a login attached to the thread the next user of that thread will inherit the thread scoped login.

Parameters:

username - the user to login

password - the password for the user

threadScoped - if true the login is scoped to the thread; otherwise the login is global for the entire Java Virtural Machine

Throws:

FailedLoginException - if the username and password combination are not valid or if there is a problem communiating with the server

logout

public static void logout()

Clears the thread and global login data.

directAuthentication

public static Object directAuthentication(String username,
                          String password,
                          ServerMetaData server)
                                   throws FailedLoginException

This is a helper method for login modules. Directly authenticates with the server using the specified username and password returning the identity token for the client. This methods does not store the identity token and the caller must arrange for the to be available to the OpenEJB proxies via an IdentityResolver.

Parameters:

username - the username for authentication

password - the password for authentication

server - ServerMetaData

Returns:

the client identity token

Throws:

FailedLoginException - if the username password combination is not valid

directAuthentication

public static Object directAuthentication(String securityRealm,
                          String username,
                          String password,
                          ServerMetaData server)
                                   throws FailedLoginException

Throws:

FailedLoginException

getIdentity

public static Object getIdentity()

getIdentityResolver

public static IdentityResolver getIdentityResolver()

setIdentityResolver

public static void setIdentityResolver(IdentityResolver identityResolver)