public class IdentityStoreWrapper extends java.lang.Object implements IdentityStore
IdentityStore.ValidationType
DEFAULT_VALIDATION_TYPES
Constructor and Description |
---|
IdentityStoreWrapper(IdentityStore identityStore) |
Modifier and Type | Method and Description |
---|---|
java.util.Set<java.lang.String> |
getCallerGroups(CredentialValidationResult validationResult)
Returns groups for the caller, who is identified by the
CallerPrincipal
(and potentially other values) found in the validationResult parameter. |
IdentityStore |
getWrapped() |
int |
priority()
Determines the order of invocation for multiple
IdentityStore s. |
CredentialValidationResult |
validate(Credential credential)
Validates the given credential.
|
java.util.Set<IdentityStore.ValidationType> |
validationTypes()
Determines the type of validation the
IdentityStore should be used for. |
public IdentityStoreWrapper(IdentityStore identityStore)
public IdentityStore getWrapped()
public CredentialValidationResult validate(Credential credential)
IdentityStore
As a convenience, a default implementation is provided that looks up an overload of this method
that has, as its one and only parameter, a subclass of Credential
. Here is an example of what
an implementation of this interface looks like with such an overloaded method:
public class ExampleIdentityStore implements IdentityStore { public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) { // Implementation ... return INVALID_RESULT; } }
Note that the overloaded method is only called when the actual type passed into this method will exactly match the parameter type of the overloaded method. There's no attempt being done to find the most specific overloaded method such as specified in JLS 15.2.
This method returns a CredentialValidationResult
representing the result of the validation attempt:
whether it succeeded or failed, and, for a successful validation, the CallerPrincipal
, and possibly
groups or other attributes, of the caller.
validate
in interface IdentityStore
credential
- The credential to validate.public java.util.Set<java.lang.String> getCallerGroups(CredentialValidationResult validationResult)
IdentityStore
CallerPrincipal
(and potentially other values) found in the validationResult
parameter.
Callers (i.e., IdentityStoreHandler
s) should have
IdentityStorePermission
permission to invoke this method.
Implementations should check for this permission before doing any work:
SecurityManager security = System.getSecurityManager(); if (security != null) { security.checkPermission(new IdentityStorePermission("getGroups"); }
getCallerGroups
in interface IdentityStore
validationResult
- The CredentialValidationResult
returned
by a previous call to IdentityStore.validate(Credential)
.Set
of groups found for the caller, if any, or an empty Set
otherwise.public int priority()
IdentityStore
IdentityStore
s.
Stores with a lower priority value are consulted first.priority
in interface IdentityStore
public java.util.Set<IdentityStore.ValidationType> validationTypes()
IdentityStore
IdentityStore
should be used for.
By default, its used for credential validation AND providing groups.
Implementations of this API should not return a direct reference
to a Set
used internally to represent an IdentityStore
's validation types,
unless it is an immutable Set
. Callers of the API should be aware that
the returned Set
may be immutable, or a copy, and that, in any case,
it should not be modified by the caller.
validationTypes
in interface IdentityStore
Set
containing the validation types enabled for the IdentityStore
.