Interface AuthorityGranter


public interface AuthorityGranter
The AuthorityGranter interface is used to map a given principal to role names.

If a Windows NT login module were to be used from JAAS, an AuthorityGranter implementation could be created to map a NT Group Principal to a ROLE_USER role for instance.

  • Method Summary

    Modifier and Type
    Method
    Description
    grant(Principal principal)
    The grant method is called for each principal returned from the LoginContext subject.
  • Method Details

    • grant

      Set<String> grant(Principal principal)
      The grant method is called for each principal returned from the LoginContext subject. If the AuthorityGranter wishes to grant any authorities, it should return a java.util.Set containing the role names it wishes to grant, such as ROLE_USER. If the AuthorityGranter does not wish to grant any authorities it should return null.

      The set may contain any object as all objects in the returned set will be passed to the JaasGrantedAuthority constructor using toString().

      Parameters:
      principal - One of the principals from the LoginContext.getSubject().getPrincipals() method.
      Returns:
      the role names to grant, or null, meaning no roles should be granted to the principal.