Package org.springframework.security.authentication.jaas

Interface AuthorityGranter

  • public interface AuthorityGranter
    The AuthorityGranter interface is used to map a given principal to role names.

    If a Windows NT login module were to be used from JAAS, an AuthrityGranter implementation could be created to map a NT Group Principal to a ROLE_USER role for instance.

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      java.util.Set<java.lang.String> grant​(java.security.Principal principal)
      The grant method is called for each principal returned from the LoginContext subject.

    • Method Detail

      • grant

        java.util.Set<java.lang.String> grant​(java.security.Principal principal)
        The grant method is called for each principal returned from the LoginContext subject. If the AuthorityGranter wishes to grant any authorities, it should return a java.util.Set containing the role names it wishes to grant, such as ROLE_USER. If the AuthrityGranter does not wish to grant any authorities it should return null.

        The set may contain any object as all objects in the returned set will be passed to the JaasGrantedAuthority constructor using toString().

        Parameters:
        principal - One of the principals from the LoginContext.getSubect().getPrincipals() method.
        Returns:
        the role names to grant, or null, meaning no roles should be granted to the principal.