org.jasig.portal.security.provider
Class ChainingSecurityContext

java.lang.Object
  extended by org.jasig.portal.security.provider.ChainingSecurityContext
All Implemented Interfaces:
java.io.Serializable, ISecurityContext
Direct Known Subclasses:
BrokenSecurityContext, CacheSecurityContext, CasFilteredSecurityContext, CasSecurityContext, JAASSecurityContext, RemoteUserSecurityContext, SimpleLdapSecurityContext, SimpleSecurityContext, TrustSecurityContext, UnionSecurityContext

public abstract class ChainingSecurityContext
extends java.lang.Object
implements ISecurityContext

This is the basic abstract class for all security contexts that should chain to children security contexts.

Version:
$Revision: 1.34.4.1 $
Author:
Andrew Newman, newman@yale.edu, Don Fracapane (df7@columbia.edu) Added a new method named getSubContextNames() that returns an Enumeration of names for the subcontexts.
See Also:
Serialized Form

Nested Class Summary
 class ChainingSecurityContext.ChainingAdditionalDescriptor
          A default, placeholder implementation of IAdditionalDescriptor an instance of which is the default value for the instance variable "myAdditionalDescriptor" of instances of this class.
protected  class ChainingSecurityContext.ChainingOpaqueCredentials
           
protected  class ChainingSecurityContext.ChainingPrincipal
           
private static class ChainingSecurityContext.Entry
           
 
Field Summary
private static boolean DEFAULT_STOP_WHEN_AUTHENTICATED
          Default value for stopWhenAuthenticated.
protected  boolean isauth
           
protected  org.apache.commons.logging.Log log
           
protected  IAdditionalDescriptor myAdditionalDescriptor
           
protected  ChainingSecurityContext.ChainingOpaqueCredentials myOpaqueCredentials
           
protected  java.util.Comparator myOrder
           
protected  ChainingSecurityContext.ChainingPrincipal myPrincipal
           
protected  java.util.Vector mySubContexts
           
protected static boolean stopWhenAuthenticated
           
 
Constructor Summary
ChainingSecurityContext()
           
 
Method Summary
 void addSubContext(java.lang.String name, ISecurityContext ctx)
          Adds a named sub context to the list of subserviant subcontexts.
 void authenticate()
          We walk the chain of subcontext assigning principals and opaquecredentials from the parent.
 boolean doesSubContextExist(java.lang.String name)
           
 IAdditionalDescriptor getAdditionalDescriptor()
          Returns any additional descriptor information that might have been acquired during the process of authentication.
 IOpaqueCredentials getOpaqueCredentials()
          Returns any credentials that an authenticated principal currently has.
 IOpaqueCredentials getOpaqueCredentialsInstance()
          Returns an empty object reference to an object implementing the IOpaqueCredentials interface.
 IPrincipal getPrincipal()
          Returns the currently authenticated principal if we are currently authenticated.
 IPrincipal getPrincipalInstance()
          Returns an empty object reference to an object implementing the Principal interface.
 ISecurityContext getSubContext(java.lang.String name)
          Returns an ISecurityContext for the named subserviant security context.
 java.util.Enumeration getSubContextNames()
          Returns an enumeration of the names of the security contexts currently registered as being subserviant to this one.
 java.util.Enumeration getSubContexts()
          Returns an enumeration of the security contexts currently registered as being subserviant to this one.
 boolean isAuthenticated()
          Returns a boolean status as to whether the descriptor corresponds to an authenticated principal.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.jasig.portal.security.ISecurityContext
getAuthType
 

Field Detail

log

protected final org.apache.commons.logging.Log log

DEFAULT_STOP_WHEN_AUTHENTICATED

private static final boolean DEFAULT_STOP_WHEN_AUTHENTICATED
Default value for stopWhenAuthenticated. This value will be used when the corresponding property cannot be loaded.

See Also:
Constant Field Values

stopWhenAuthenticated

protected static boolean stopWhenAuthenticated

isauth

protected boolean isauth

mySubContexts

protected java.util.Vector mySubContexts

myPrincipal

protected ChainingSecurityContext.ChainingPrincipal myPrincipal

myOpaqueCredentials

protected ChainingSecurityContext.ChainingOpaqueCredentials myOpaqueCredentials

myAdditionalDescriptor

protected IAdditionalDescriptor myAdditionalDescriptor

myOrder

protected java.util.Comparator myOrder
Constructor Detail

ChainingSecurityContext

public ChainingSecurityContext()
Method Detail

getPrincipalInstance

public IPrincipal getPrincipalInstance()
Description copied from interface: ISecurityContext
Returns an empty object reference to an object implementing the Principal interface. By operating on this returned object the implementation class for the credentials type will be able to access any values set in the instance without exposing an interface method that would allow others (inappropriate) acces to the fields.

Specified by:
getPrincipalInstance in interface ISecurityContext
Returns:
An empty principal container.
See Also:
IPrincipal

getOpaqueCredentialsInstance

public IOpaqueCredentials getOpaqueCredentialsInstance()
Description copied from interface: ISecurityContext
Returns an empty object reference to an object implementing the IOpaqueCredentials interface. By operating on this returned object the implementation class for the credentials type will be able to access any values set in the Opaque credentials without exposing an interface method that would allow others to access the fields.

Specified by:
getOpaqueCredentialsInstance in interface ISecurityContext
Returns:
An empty credentials container.
See Also:
IOpaqueCredentials

authenticate

public void authenticate()
                  throws PortalSecurityException
We walk the chain of subcontext assigning principals and opaquecredentials from the parent. Note that the contexts themselves should resist actually performing the assignment if an assignment has already been made to either the credentials or the UID.

Specified by:
authenticate in interface ISecurityContext
Throws:
PortalSecurityException
See Also:
ISecurityContext.getPrincipalInstance(), ISecurityContext.getOpaqueCredentialsInstance()

getPrincipal

public IPrincipal getPrincipal()
Description copied from interface: ISecurityContext
Returns the currently authenticated principal if we are currently authenticated. Note that merely testing this for a non-null pointer is not sufficient to verify authenticated status. The isAuthenticated() call should be used. In some authentication schemes, an asyncronous event could potentially change one's authentication status.

Specified by:
getPrincipal in interface ISecurityContext
Returns:
The currently authenticated principal.

getOpaqueCredentials

public IOpaqueCredentials getOpaqueCredentials()
Description copied from interface: ISecurityContext
Returns any credentials that an authenticated principal currently has. Note that opaque credentials don't have any methods for examination of the credentials contents. This call would primarily be useful to chain authentication manually within the same authentication schem.

Specified by:
getOpaqueCredentials in interface ISecurityContext
Returns:
The currently authenticated credentials object.
See Also:
IOpaqueCredentials

getAdditionalDescriptor

public IAdditionalDescriptor getAdditionalDescriptor()
Description copied from interface: ISecurityContext
Returns any additional descriptor information that might have been acquired during the process of authentication. Note that this interface has no methods and the object returned will have to be cast to some concrete type or alternate interface to be useful.

Specified by:
getAdditionalDescriptor in interface ISecurityContext
Returns:
An object containing any additional descriptor information.
See Also:
IAdditionalDescriptor

isAuthenticated

public boolean isAuthenticated()
Description copied from interface: ISecurityContext
Returns a boolean status as to whether the descriptor corresponds to an authenticated principal. Note that the get(Principaal|OpaqueCredentials) calls return null until isAuthenticated first returns true.

Specified by:
isAuthenticated in interface ISecurityContext

getSubContext

public ISecurityContext getSubContext(java.lang.String name)
Description copied from interface: ISecurityContext
Returns an ISecurityContext for the named subserviant security context.

Specified by:
getSubContext in interface ISecurityContext
Parameters:
name - The non-compound name of the subserviant security context.
Returns:
The security context object reference associated with the name specified as the first parameter.

doesSubContextExist

public boolean doesSubContextExist(java.lang.String name)

getSubContexts

public java.util.Enumeration getSubContexts()
Description copied from interface: ISecurityContext
Returns an enumeration of the security contexts currently registered as being subserviant to this one.

Specified by:
getSubContexts in interface ISecurityContext
Returns:
The enumeration object containing all of the contexts.

addSubContext

public void addSubContext(java.lang.String name,
                          ISecurityContext ctx)
                   throws PortalSecurityException
Description copied from interface: ISecurityContext
Adds a named sub context to the list of subserviant subcontexts.

Specified by:
addSubContext in interface ISecurityContext
Parameters:
name - The non-compound name of the subserviant context. Note that under normal circumstances the establishment of the InitialSecurityContext will automatically register all subcontext.
ctx - The security context object to register.
Throws:
PortalSecurityException

getSubContextNames

public java.util.Enumeration getSubContextNames()
Description copied from interface: ISecurityContext
Returns an enumeration of the names of the security contexts currently registered as being subserviant to this one.

Specified by:
getSubContextNames in interface ISecurityContext
Returns:
The enumeration object containing all of the subcontext names.