Package com.hazelcast.security
Interface SecurityContext
public interface SecurityContext
SecurityContext is responsible for managing lifecycle of security object such as
ICredentialsFactory
, IPermissionPolicy
etc, to creating LoginContext
es
for member and client authentications and checking permissions for client operations.-
Method Summary
Modifier and Type Method Description void
checkPermission(Subject subject, Permission permission)
Checks whether currentSubject
has been granted specified permission or not.LoginContext
createClientLoginContext(String clusterName, Credentials credentials, com.hazelcast.internal.nio.Connection connection)
Creates clientLoginContext
.LoginContext
createMemberLoginContext(String clusterName, Credentials credentials, com.hazelcast.internal.nio.Connection connection)
Creates memberLoginContext
.<V> SecureCallable<?>
createSecureCallable(Subject subject, Runnable runnable)
Creates secure callable that runs in a sandbox.<V> SecureCallable<V>
createSecureCallable(Subject subject, Callable<V> callable)
Creates secure callable that runs in a sandbox.com.hazelcast.sql.impl.security.SqlSecurityContext
createSqlContext(Subject subject)
void
destroy()
DestroysSecurityContext
and all security elements.ICredentialsFactory
getCredentialsFactory()
Returns currentICredentialsFactory
.void
interceptAfter(Credentials credentials, String serviceName, String objectName, String methodName)
intercepts a request after process if anySecurityInterceptor
configured Any exception thrown during interception will be ignoredvoid
interceptBefore(Credentials credentials, String serviceName, String objectName, String methodName, Object[] parameters)
intercepts a request before process if anySecurityInterceptor
configuredvoid
refreshPermissions(Set<PermissionConfig> permissionConfigs)
-
Method Details
-
createMemberLoginContext
LoginContext createMemberLoginContext(String clusterName, Credentials credentials, com.hazelcast.internal.nio.Connection connection) throws LoginExceptionCreates memberLoginContext
.- Parameters:
clusterName
- cluster name received from the connecting membercredentials
- member credentialsconnection
- member connection- Returns:
LoginContext
- Throws:
LoginException
- in case of any exceptional case
-
createClientLoginContext
LoginContext createClientLoginContext(String clusterName, Credentials credentials, com.hazelcast.internal.nio.Connection connection) throws LoginExceptionCreates clientLoginContext
.- Parameters:
clusterName
- cluster name reported on the client protocolcredentials
- client credentialsconnection
- client connection- Returns:
LoginContext
- Throws:
LoginException
- in case of any exceptional case
-
getCredentialsFactory
ICredentialsFactory getCredentialsFactory()Returns currentICredentialsFactory
.- Returns:
ICredentialsFactory
-
checkPermission
Checks whether currentSubject
has been granted specified permission or not.- Parameters:
subject
- the current subjectpermission
- the specified permission for the subject- Throws:
AccessControlException
- if the specified permission has not been granted to the subject
-
interceptBefore
void interceptBefore(Credentials credentials, String serviceName, String objectName, String methodName, Object[] parameters) throws AccessControlExceptionintercepts a request before process if anySecurityInterceptor
configured- Parameters:
credentials
-serviceName
-objectName
-methodName
-parameters
-- Throws:
AccessControlException
- if access is denied
-
interceptAfter
void interceptAfter(Credentials credentials, String serviceName, String objectName, String methodName)intercepts a request after process if anySecurityInterceptor
configured Any exception thrown during interception will be ignored- Parameters:
credentials
-serviceName
-objectName
-methodName
-
-
createSecureCallable
Creates secure callable that runs in a sandbox.- Type Parameters:
V
- return type of callable- Parameters:
subject
-callable
-- Returns:
- result of callable
-
createSecureCallable
Creates secure callable that runs in a sandbox.- Type Parameters:
V
- return type of callable- Parameters:
subject
-runnable
-- Returns:
- Will always return null after
Runnable
finishes running.
-
destroy
void destroy()DestroysSecurityContext
and all security elements. -
refreshPermissions
-
createSqlContext
-