public interface SecurityContext
ICredentialsFactory
, IPermissionPolicy
etc, to creating LoginContext
es
for member and client authentications and checking permissions for client operations.Modifier and Type | Method and Description |
---|---|
void |
checkPermission(Subject subject,
Permission permission)
Checks whether current
Subject has been granted specified permission or not. |
LoginContext |
createClientLoginContext(String clusterName,
Credentials credentials,
com.hazelcast.internal.nio.Connection connection)
Creates client
LoginContext . |
LoginContext |
createMemberLoginContext(String clusterName,
Credentials credentials,
com.hazelcast.internal.nio.Connection connection)
Creates member
LoginContext . |
<V> SecureCallable<V> |
createSecureCallable(Subject subject,
Callable<V> callable)
Creates secure callable that runs in a sandbox.
|
<V> SecureCallable<?> |
createSecureCallable(Subject subject,
Runnable runnable)
Creates secure callable that runs in a sandbox.
|
void |
destroy()
Destroys
SecurityContext and all security elements. |
ICredentialsFactory |
getCredentialsFactory()
Returns current
ICredentialsFactory . |
void |
interceptAfter(Credentials credentials,
String serviceName,
String objectName,
String methodName)
intercepts a request after process if any
SecurityInterceptor configured
Any exception thrown during interception will be ignored |
void |
interceptBefore(Credentials credentials,
String serviceName,
String objectName,
String methodName,
Object[] parameters)
intercepts a request before process if any
SecurityInterceptor configured |
void |
refreshPermissions(Set<PermissionConfig> permissionConfigs) |
LoginContext createMemberLoginContext(String clusterName, Credentials credentials, com.hazelcast.internal.nio.Connection connection) throws LoginException
LoginContext
.clusterName
- cluster name received from the connecting membercredentials
- member credentialsconnection
- member connectionLoginContext
LoginException
- in case of any exceptional caseLoginContext createClientLoginContext(String clusterName, Credentials credentials, com.hazelcast.internal.nio.Connection connection) throws LoginException
LoginContext
.clusterName
- cluster name reported on the client protocolcredentials
- client credentialsconnection
- client connectionLoginContext
LoginException
- in case of any exceptional caseICredentialsFactory getCredentialsFactory()
ICredentialsFactory
.ICredentialsFactory
void checkPermission(Subject subject, Permission permission) throws AccessControlException
Subject
has been granted specified permission or not.subject
- the current subjectpermission
- the specified permission for the subjectAccessControlException
- if the specified permission has not been granted to the subjectvoid interceptBefore(Credentials credentials, String serviceName, String objectName, String methodName, Object[] parameters) throws AccessControlException
SecurityInterceptor
configuredcredentials
- serviceName
- objectName
- methodName
- parameters
- AccessControlException
- if access is deniedvoid interceptAfter(Credentials credentials, String serviceName, String objectName, String methodName)
SecurityInterceptor
configured
Any exception thrown during interception will be ignoredcredentials
- serviceName
- objectName
- methodName
- <V> SecureCallable<V> createSecureCallable(Subject subject, Callable<V> callable)
V
- return type of callablesubject
- callable
- <V> SecureCallable<?> createSecureCallable(Subject subject, Runnable runnable)
V
- return type of callablesubject
- runnable
- Runnable
finishes running.void destroy()
SecurityContext
and all security elements.void refreshPermissions(Set<PermissionConfig> permissionConfigs)
Copyright © 2020 Hazelcast, Inc.. All rights reserved.