public interface SecurityContext

An injectable interface that provides access to security related information.

Since:: 1.0
Author:: Paul Sandoz, Marc Hadley
See Also:: Context

Field Summary

Fields
Modifier and Type	Field	Description
`static String`	`BASIC_AUTH`	String identifier for Basic authentication.
`static String`	`CLIENT_CERT_AUTH`	String identifier for Client Certificate authentication.
`static String`	`DIGEST_AUTH`	String identifier for Digest authentication.
`static String`	`FORM_AUTH`	String identifier for Form authentication.

Method Summary

Modifier and Type	Method	Description
`String`	`getAuthenticationScheme()`	Returns the string value of the authentication scheme used to protect the resource.
`Principal`	`getUserPrincipal()`	Returns a `java.security.Principal` object containing the name of the current authenticated user.
`boolean`	`isSecure()`	Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.
`boolean`	`isUserInRole(String role)`	Returns a boolean indicating whether the authenticated user is included in the specified logical "role".

Field Details
- BASIC_AUTH
  
  static final String BASIC_AUTH
  
  String identifier for Basic authentication. Value "BASIC"
  
  See Also:
  
  Constant Field Values
- CLIENT_CERT_AUTH
  
  static final String CLIENT_CERT_AUTH
  
  String identifier for Client Certificate authentication. Value "CLIENT_CERT"
  
  See Also:
  
  Constant Field Values
- DIGEST_AUTH
  
  static final String DIGEST_AUTH
  
  String identifier for Digest authentication. Value "DIGEST"
  
  See Also:
  
  Constant Field Values
- FORM_AUTH
  
  static final String FORM_AUTH
  
  String identifier for Form authentication. Value "FORM"
  
  See Also:
  
  Constant Field Values
Method Details
- getUserPrincipal
  
  Principal getUserPrincipal()
  
  Returns a java.security.Principal object containing the name of the current authenticated user. If the user has not been authenticated, the method returns null.
  
  Returns:
  
  a java.security.Principal containing the name of the user making this request; null if the user has not been authenticated
  
  Throws:
  
  IllegalStateException - if called outside the scope of a request
- isUserInRole
  
  boolean isUserInRole(String role)
  
  Returns a boolean indicating whether the authenticated user is included in the specified logical "role". If the user has not been authenticated, the method returns false.
  
  Parameters:
  
  role - a String specifying the name of the role
  
  Returns:
  
  a boolean indicating whether the user making the request belongs to a given role; false if the user has not been authenticated
  
  Throws:
  
  IllegalStateException - if called outside the scope of a request
- isSecure
  
  boolean isSecure()
  
  Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.
  
  Returns:
  
  true if the request was made using a secure channel, false otherwise
  
  Throws:
  
  IllegalStateException - if called outside the scope of a request
- getAuthenticationScheme
  
  String getAuthenticationScheme()
  
  Returns the string value of the authentication scheme used to protect the resource. If the resource is not authenticated, null is returned. Values are the same as the CGI variable AUTH_TYPE
  
  Returns:
  
  one of the static members BASIC_AUTH, FORM_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH (suitable for == comparison) or the container-specific string indicating the authentication scheme, or null if the request was not authenticated.
  
  Throws:
  
  IllegalStateException - if called outside the scope of a request

Interface SecurityContext

Field Summary

Method Summary

Field Details

Method Details