|
IBM WebSphere Application ServerTM Release 8 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface AccessManager
The AccessManager provides application security role functions.
Method Summary | |
---|---|
void |
checkAccess(java.lang.String appName,
java.lang.String resourceName,
java.lang.String methodName,
java.lang.String resourceType,
java.lang.String[] rolesAllowed,
boolean isDenyAll,
boolean isPermitAll,
javax.security.auth.Subject subject)
The checkAccess method determines if a given subject has access to any of a given set of roles within the context of a given application. |
void |
popApplicationContext(java.lang.String appName)
The popApplicationContext method signals a return of control from the specified application. |
boolean |
pushApplicationContext(java.lang.String appName)
The pushApplicationContext method signals a flow of control into the specified application. |
java.lang.Object |
runAs(java.lang.String appName,
java.lang.String resourceName,
java.lang.String methodName,
java.lang.String runAsRole,
java.security.PrivilegedExceptionAction action)
The runAs method performs the given PrivilegedExceptionAction with the Java thread identity set to the user associated with a given runAs role. |
Method Detail |
---|
boolean pushApplicationContext(java.lang.String appName)
appName
- - name of the application
void popApplicationContext(java.lang.String appName)
appName
- - name of the application
java.lang.IllegalArgumentException
- if the application name does not match the one
used on the preceding pushApplicationContext call
EmptyStackException
- if there is no active application context on the threadvoid checkAccess(java.lang.String appName, java.lang.String resourceName, java.lang.String methodName, java.lang.String resourceType, java.lang.String[] rolesAllowed, boolean isDenyAll, boolean isPermitAll, javax.security.auth.Subject subject) throws AccessException
appName
- - name of the applicationresourceName
- - name of the target object, for example a bean namemethodName
- - name of the method invoked on the target objectresourceType
- - identifier that describes the type of resourcerolesAllowed
- - array of role names to be checked for permissionisDenyAll
- - indicates whether to always deny accessisPermitAll
- - indicates whether to always permit accesssubject
- - holds the credentials of the principal to be verified
AccessException
- Thrown if access is deniedjava.lang.Object runAs(java.lang.String appName, java.lang.String resourceName, java.lang.String methodName, java.lang.String runAsRole, java.security.PrivilegedExceptionAction action) throws java.security.PrivilegedActionException, DelegationException
appName
- - name of the applicationresourceName
- - name of the target object, for example a bean namemethodName
- - name of the method invoked on the target objectrunAsRole
- - name of RunAs roleaction
- - the action to perform
java.security.PrivilegedActionException
- if the action's run method threw a checked exception
DelegationException
- if there is an error setting the thread identity from the runAs role
|
IBM WebSphere Application ServerTM Release 8 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |