You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by ra...@apache.org on 2019/01/17 13:10:16 UTC

[tomee] 02/17: TOMEE-2365 - Added SecurityContext API.

This is an automated email from the ASF dual-hosted git repository.

radcortez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git

commit 84530e6e3611c4162bd103d75cc11eef58bd3a80
Author: Roberto Cortez <ra...@yahoo.com>
AuthorDate: Mon Jan 14 16:33:12 2019 +0000

    TOMEE-2365 - Added SecurityContext API.
---
 .../javax/security/enterprise/SecurityContext.java | 36 ++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/tomee/tomee-security/src/main/java/javax/security/enterprise/SecurityContext.java b/tomee/tomee-security/src/main/java/javax/security/enterprise/SecurityContext.java
new file mode 100644
index 0000000..2282fcd
--- /dev/null
+++ b/tomee/tomee-security/src/main/java/javax/security/enterprise/SecurityContext.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package javax.security.enterprise;
+
+import javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.security.Principal;
+import java.util.Set;
+
+public interface SecurityContext {
+    Principal getCallerPrincipal();
+
+    <T extends Principal> Set<T> getPrincipalsByType(Class<T> pType);
+
+    boolean isCallerInRole(String role);
+
+    boolean hasAccessToWebResource(String resource, String... methods);
+
+    AuthenticationStatus authenticate(HttpServletRequest request, HttpServletResponse response,
+                                      AuthenticationParameters parameters);
+}