public class SimpleAccount extends Object implements Account, MergableAuthenticationInfo, SaltedAuthenticationInfo, Serializable
Account
interface that
contains principal and credential and authorization information (roles and permissions) as instance variables and
exposes them via getters and setters using standard JavaBean notation.Constructor and Description |
---|
SimpleAccount()
Default no-argument constructor.
|
SimpleAccount(Collection principals,
Object credentials,
String realmName)
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.
|
SimpleAccount(Collection principals,
Object credentials,
String realmName,
Set<String> roleNames,
Set<Permission> permissions)
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials, with the
the assigned roles and permissions.
|
SimpleAccount(Object principal,
Object hashedCredentials,
ByteSource credentialsSalt,
String realmName)
Constructs a SimpleAccount instance for the specified realm with the given principals, hashedCredentials and
credentials salt used when hashing the credentials.
|
SimpleAccount(Object principal,
Object credentials,
String realmName)
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.
|
SimpleAccount(Object principal,
Object credentials,
String realmName,
Set<String> roleNames,
Set<Permission> permissions)
Constructs a SimpleAccount instance for the specified realm with the given principal and credentials, with the
the assigned roles and permissions.
|
SimpleAccount(PrincipalCollection principals,
Object credentials)
Constructs a SimpleAccount instance for the specified principals and credentials.
|
SimpleAccount(PrincipalCollection principals,
Object hashedCredentials,
ByteSource credentialsSalt)
Constructs a SimpleAccount instance for the specified principals and credentials.
|
SimpleAccount(PrincipalCollection principals,
Object credentials,
Set<String> roles)
Constructs a SimpleAccount instance for the specified principals and credentials, with the assigned roles.
|
SimpleAccount(PrincipalCollection principals,
Object credentials,
Set<String> roleNames,
Set<Permission> permissions)
Constructs a SimpleAccount instance from the given principals and credentials, with the
the assigned roles and permissions.
|
Modifier and Type | Method and Description |
---|---|
void |
addObjectPermission(Permission permission)
Assigns an object-based permission directly to this Account (not any of its realms).
|
void |
addObjectPermissions(Collection<Permission> permissions)
Assigns one or more object-based permissions directly to this Account (not any of its realms).
|
void |
addRole(Collection<String> roles)
Adds one or more roles to this Account's set of assigned roles.
|
void |
addRole(String role)
Adds a role to this Account's set of assigned roles.
|
void |
addStringPermission(String permission)
Assigns a String-based permission directly to this Account (not to any of its realms).
|
void |
addStringPermissions(Collection<String> permissions)
Assigns one or more string-based permissions directly to this Account (not to any of its realms).
|
boolean |
equals(Object o)
Returns
true if the specified object is also a SimpleAccount and its
principals are equal to this object's principals , false otherwise. |
Object |
getCredentials()
Simply returns
this.authcInfo.getCredentials . |
ByteSource |
getCredentialsSalt()
Returns the salt used to hash this Account's credentials (eg for password hashing), or
null if no salt
was used or credentials were not hashed at all. |
Collection<Permission> |
getObjectPermissions()
Returns all object-based permissions assigned directly to this Account (not any of its realms).
|
PrincipalCollection |
getPrincipals()
Returns the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this
Account.
|
Collection<String> |
getRoles()
Returns
this.authzInfo.getRoles(); |
Collection<String> |
getStringPermissions()
Returns all String-based permissions assigned to this Account.
|
int |
hashCode()
If the
principals are not null, returns principals.hashCode() , otherwise
returns 0 (zero). |
boolean |
isCredentialsExpired()
Returns whether or not the Account's credentials are expired.
|
boolean |
isLocked()
Returns
true if this Account is locked and thus cannot be used to login, false otherwise. |
void |
merge(AuthenticationInfo info)
Merges the specified
AuthenticationInfo into this Account . |
void |
setCredentials(Object credentials)
Sets this Account's credentials that verify one or more of the Account's
principals , such as a password or private key. |
void |
setCredentialsExpired(boolean credentialsExpired)
Sets whether or not the Account's credentials are expired.
|
void |
setCredentialsSalt(ByteSource salt)
Sets the salt to use to hash this Account's credentials (eg for password hashing), or
null if no salt
is used or credentials are not hashed at all. |
void |
setLocked(boolean locked)
Sets whether or not the account is locked and can be used to login.
|
void |
setObjectPermissions(Set<Permission> permissions)
Sets all object-based permissions assigned directly to this Account (not any of its realms).
|
void |
setPrincipals(PrincipalCollection principals)
Sets the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this
Account.
|
void |
setRoles(Set<String> roles)
Sets the Account's assigned roles.
|
void |
setStringPermissions(Set<String> permissions)
Sets the String-based permissions assigned to this Account.
|
String |
toString()
Returns
principals .toString() if they are not null, otherwise prints out the string
"empty" |
public SimpleAccount()
public SimpleAccount(Object principal, Object credentials, String realmName)
principal
- the 'primary' identifying attribute of the account, for example, a user id or username.credentials
- the credentials that verify identity for the accountrealmName
- the name of the realm that accesses this account datapublic SimpleAccount(Object principal, Object hashedCredentials, ByteSource credentialsSalt, String realmName)
principal
- the 'primary' identifying attribute of the account, for example, a user id or username.hashedCredentials
- the credentials that verify identity for the accountcredentialsSalt
- the salt used when hashing the credentialsrealmName
- the name of the realm that accesses this account dataHashedCredentialsMatcher
public SimpleAccount(Collection principals, Object credentials, String realmName)
principals
- the identifying attributes of the account, at least one of which should be considered the
account's 'primary' identifying attribute, for example, a user id or username.credentials
- the credentials that verify identity for the accountrealmName
- the name of the realm that accesses this account datapublic SimpleAccount(PrincipalCollection principals, Object credentials)
principals
- the identifying attributes of the account, at least one of which should be considered the
account's 'primary' identifying attribute, for example, a user id or username.credentials
- the credentials that verify identity for the accountpublic SimpleAccount(PrincipalCollection principals, Object hashedCredentials, ByteSource credentialsSalt)
principals
- the identifying attributes of the account, at least one of which should be considered the
account's 'primary' identifying attribute, for example, a user id or username.hashedCredentials
- the hashed credentials that verify identity for the accountcredentialsSalt
- the salt used when hashing the credentialsHashedCredentialsMatcher
public SimpleAccount(PrincipalCollection principals, Object credentials, Set<String> roles)
principals
- the identifying attributes of the account, at least one of which should be considered the
account's 'primary' identifying attribute, for example, a user id or username.credentials
- the credentials that verify identity for the accountroles
- the names of the roles assigned to this account.public SimpleAccount(Object principal, Object credentials, String realmName, Set<String> roleNames, Set<Permission> permissions)
principal
- the 'primary' identifying attributes of the account, for example, a user id or username.credentials
- the credentials that verify identity for the accountrealmName
- the name of the realm that accesses this account dataroleNames
- the names of the roles assigned to this account.permissions
- the permissions assigned to this account directly (not those assigned to any of the realms).public SimpleAccount(Collection principals, Object credentials, String realmName, Set<String> roleNames, Set<Permission> permissions)
principals
- the identifying attributes of the account, at least one of which should be considered the
account's 'primary' identifying attribute, for example, a user id or username.credentials
- the credentials that verify identity for the accountrealmName
- the name of the realm that accesses this account dataroleNames
- the names of the roles assigned to this account.permissions
- the permissions assigned to this account directly (not those assigned to any of the realms).public SimpleAccount(PrincipalCollection principals, Object credentials, Set<String> roleNames, Set<Permission> permissions)
principals
- the identifying attributes of the account, at least one of which should be considered the
account's 'primary' identifying attribute, for example, a user id or username.credentials
- the credentials that verify identity for the accountroleNames
- the names of the roles assigned to this account.permissions
- the permissions assigned to this account directly (not those assigned to any of the realms).public PrincipalCollection getPrincipals()
getPrincipals
in interface AuthenticationInfo
public void setPrincipals(PrincipalCollection principals)
principals
- all the principals, aka the identifying attributes, of this Account.AuthenticationInfo.getPrincipals()
public Object getCredentials()
this.authcInfo.getCredentials
. The authcInfo
attribute is constructed
via the constructors to wrap the input arguments.getCredentials
in interface AuthenticationInfo
public void setCredentials(Object credentials)
principals
, such as a password or private key.credentials
- the credentials associated with this Account that verify one or more of the Account principals.AuthenticationInfo.getCredentials()
public ByteSource getCredentialsSalt()
null
if no salt
was used or credentials were not hashed at all.getCredentialsSalt
in interface SaltedAuthenticationInfo
null
if no salt
was used or credentials were not hashed at all.public void setCredentialsSalt(ByteSource salt)
null
if no salt
is used or credentials are not hashed at all.salt
- the salt to use to hash this Account's credentials (eg for password hashing), or null
if no
salt is used or credentials are not hashed at all.public Collection<String> getRoles()
this.authzInfo.getRoles();
getRoles
in interface AuthorizationInfo
public void setRoles(Set<String> roles)
this.authzInfo.setRoles(roles)
.roles
- the Account's assigned roles.AuthorizationInfo.getRoles()
public void addRole(String role)
this.authzInfo.addRole(role)
.role
- a role to assign to this Account.public void addRole(Collection<String> roles)
this.authzInfo.addRoles(roles)
.roles
- one or more roles to assign to this Account.public Collection<String> getStringPermissions()
this.authzInfo.getStringPermissions()
.getStringPermissions
in interface AuthorizationInfo
public void setStringPermissions(Set<String> permissions)
this.authzInfo.setStringPermissions(permissions)
.permissions
- all String-based permissions assigned to this Account.AuthorizationInfo.getStringPermissions()
public void addStringPermission(String permission)
permission
- the String-based permission to assign.public void addStringPermissions(Collection<String> permissions)
permissions
- one or more String-based permissions to assign.public Collection<Permission> getObjectPermissions()
getObjectPermissions
in interface AuthorizationInfo
public void setObjectPermissions(Set<Permission> permissions)
permissions
- the object-based permissions to assign directly to this Account.public void addObjectPermission(Permission permission)
permission
- the object-based permission to assign directly to this Account (not any of its realms).public void addObjectPermissions(Collection<Permission> permissions)
permissions
- one or more object-based permissions to assign directly to this Account (not any of its realms).public boolean isLocked()
true
if this Account is locked and thus cannot be used to login, false
otherwise.true
if this Account is locked and thus cannot be used to login, false
otherwise.public void setLocked(boolean locked)
locked
- true
if this Account is locked and thus cannot be used to login, false
otherwise.public boolean isCredentialsExpired()
public void setCredentialsExpired(boolean credentialsExpired)
true
value indicates that the Subject
or application administrator would need to change their credentials before the account could be used.credentialsExpired
- true
if this Account's credentials are expired and need to be changed,
false
otherwise.public void merge(AuthenticationInfo info)
AuthenticationInfo
into this Account
.
If the specified argument is also an instance of SimpleAccount
, the
isLocked()
and isCredentialsExpired()
attributes are merged (set on this instance) as well
(only if their values are true
).merge
in interface MergableAuthenticationInfo
info
- the AuthenticationInfo
to merge into this account.public int hashCode()
principals
are not null, returns principals.hashCode()
, otherwise
returns 0 (zero).public boolean equals(Object o)
true
if the specified object is also a SimpleAccount
and its
principals
are equal to this object's principals
, false
otherwise.equals
in class Object
o
- the object to test for equality.true
if the specified object is also a SimpleAccount
and its
principals
are equal to this object's principals
, false
otherwise.public String toString()
principals
.toString() if they are not null, otherwise prints out the string
"empty"Copyright © 2004-2016 The Apache Software Foundation. All Rights Reserved.