SecurityService

All Superinterfaces:

Service

All Known Implementing Classes:

AbstractSecurityService, PseudoSecurityService, SecurityServiceImpl, TomcatSecurityService
```
public interface SecurityService<T>
extends Service
```
The generic value T is any serializable token of the SecurityService implementations choosing. This token only needs to be understandable by the SecurityService internally and need not be a publicly usable class type. No part of the outlying system will make any assumptions as to the type of the object. The use of a java generic type is to express the required symmetry in the interface.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`void`	`associate(T securityIdentity)` Active
`java.lang.Object`	`currentState()`
`T`	`disassociate()` Active
`java.security.Principal`	`getCallerPrincipal()` Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.
`boolean`	`isCallerAuthorized(java.lang.reflect.Method method, InterfaceType type)` Active
`boolean`	`isCallerInRole(java.lang.String role)` Active
`T`	`login(java.lang.String user, java.lang.String pass)`
`T`	`login(java.lang.String securityRealm, java.lang.String user, java.lang.String pass)`
`void`	`logout(T securityIdentity)` Active
`void`	`onLogout(HttpServletRequest request)` Called when request.logout() is triggered.
`void`	`setState(java.lang.Object o)`

Methods inherited from interface org.apache.openejb.spi.Service
init

Method Detail

login

T login(java.lang.String user,
        java.lang.String pass)
 throws javax.security.auth.login.LoginException

Throws:: javax.security.auth.login.LoginException

login

T login(java.lang.String securityRealm,
        java.lang.String user,
        java.lang.String pass)
 throws javax.security.auth.login.LoginException

Throws:: javax.security.auth.login.LoginException

associate

void associate(T securityIdentity)
        throws javax.security.auth.login.LoginException

Active

Throws:: javax.security.auth.login.LoginException

disassociate
```
T disassociate()
```
Active

logout

void logout(T securityIdentity)
     throws javax.security.auth.login.LoginException

Active

Throws:: javax.security.auth.login.LoginException

isCallerInRole

boolean isCallerInRole(java.lang.String role)

Active

getCallerPrincipal
```
java.security.Principal getCallerPrincipal()
```
Implementors are encouraged to return a java.security.Principal object that implements org.apache.openejb.spi.CallerPrincipal JAAS LoginModule implementors are encouraged to use the CallerPrincipal interface to denote the best fitting Principal for getCallerPrincipal.

isCallerAuthorized

boolean isCallerAuthorized(java.lang.reflect.Method method,
                           InterfaceType type)

Active

setState
```
void setState(java.lang.Object o)
```

currentState
```
java.lang.Object currentState()
```

onLogout
```
void onLogout(HttpServletRequest request)
```
Called when request.logout() is triggered. Intended to remove context propagation.

Parameters:

request - the http request triggering the logout.

Interface SecurityService<T>

Method Summary

Methods inherited from interface org.apache.openejb.spi.Service

Method Detail

login

login

associate

disassociate

logout

isCallerInRole

getCallerPrincipal

isCallerAuthorized

setState

currentState

onLogout