public interface RunAsManager
Authentication
object for the current secure object
invocation only.
This interface permits implementations to replace the Authentication
object that applies to the current secure object invocation only. The
AbstractSecurityInterceptor
will
replace the Authentication
object held in the
SecurityContext
for
the duration of the secure object callback only, returning it to the original
Authentication
object when the callback ends.
This is provided so that systems with two layers of objects can be established. One
layer is public facing and has normal secure methods with the granted authorities
expected to be held by external callers. The other layer is private, and is only
expected to be called by objects within the public facing layer. The objects in this
private layer still need security (otherwise they would be public methods) and they
also need security in such a manner that prevents them being called directly by
external callers. The objects in the private layer would be configured to require
granted authorities never granted to external callers. The RunAsManager
interface provides a mechanism to elevate security in this manner.
It is expected implementations will provide a corresponding concrete
Authentication
and AuthenticationProvider
so that the
replacement Authentication
object can be authenticated. Some form of
security will need to be implemented to ensure the AuthenticationProvider
only accepts Authentication
objects created by an authorized concrete
implementation of RunAsManager
.
Modifier and Type | Method and Description |
---|---|
Authentication |
buildRunAs(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes)
Returns a replacement
Authentication object for the current secure
object invocation, or null if replacement not required. |
boolean |
supports(Class<?> clazz)
Indicates whether the
RunAsManager implementation is able to provide
run-as replacement for the indicated secure object type. |
boolean |
supports(ConfigAttribute attribute)
Indicates whether this
RunAsManager is able to process the passed
ConfigAttribute . |
Authentication buildRunAs(Authentication authentication, Object object, Collection<ConfigAttribute> attributes)
Authentication
object for the current secure
object invocation, or null
if replacement not required.authentication
- the caller invoking the secure objectobject
- the secured object being calledattributes
- the configuration attributes associated with the secure object
being invokednull
if the Authentication
should be left
as isboolean supports(ConfigAttribute attribute)
RunAsManager
is able to process the passed
ConfigAttribute
.
This allows the AbstractSecurityInterceptor
to check every
configuration attribute can be consumed by the configured
AccessDecisionManager
and/or RunAsManager
and/or
AfterInvocationManager
.
attribute
- a configuration attribute that has been configured against the
AbstractSecurityInterceptor
true
if this RunAsManager
can support the passed
configuration attributeboolean supports(Class<?> clazz)
RunAsManager
implementation is able to provide
run-as replacement for the indicated secure object type.clazz
- the class that is being queried