Package com.hazelcast.security

Interface SecurityContext

  • public interface SecurityContext
    SecurityContext is responsible for managing lifecycle of security object such as ICredentialsFactory, IPermissionPolicy etc, to creating LoginContextes for member and client authentications and checking permissions for client operations.

    • Method Detail

      • createMemberLoginContext

        javax.security.auth.login.LoginContext createMemberLoginContext​(java.lang.String clusterName,
                                                                Credentials credentials,
                                                                com.hazelcast.internal.nio.Connection connection)
                                                         throws javax.security.auth.login.LoginException
        Creates member LoginContext.
        Parameters:
        clusterName - cluster name received from the connecting member
        credentials - member credentials
        connection - member connection
        Returns:
        LoginContext
        Throws:
        javax.security.auth.login.LoginException - in case of any exceptional case

      • createClientLoginContext

        javax.security.auth.login.LoginContext createClientLoginContext​(java.lang.String clusterName,
                                                                Credentials credentials,
                                                                com.hazelcast.internal.nio.Connection connection)
                                                         throws javax.security.auth.login.LoginException
        Creates client LoginContext.
        Parameters:
        clusterName - cluster name reported on the client protocol
        credentials - client credentials
        connection - client connection
        Returns:
        LoginContext
        Throws:
        javax.security.auth.login.LoginException - in case of any exceptional case

      • checkPermission

        void checkPermission​(javax.security.auth.Subject subject,
                     java.security.Permission permission)
              throws java.security.AccessControlException
        Checks whether current Subject has been granted specified permission or not.
        Parameters:
        subject - the current subject
        permission - the specified permission for the subject
        Throws:
        java.security.AccessControlException - if the specified permission has not been granted to the subject

      • interceptBefore

        void interceptBefore​(Credentials credentials,
                     java.lang.String serviceName,
                     java.lang.String objectName,
                     java.lang.String methodName,
                     java.lang.Object[] parameters)
              throws java.security.AccessControlException
        intercepts a request before process if any SecurityInterceptor configured
        Parameters:
        credentials -
        serviceName -
        objectName -
        methodName -
        parameters -
        Throws:
        java.security.AccessControlException - if access is denied

      • interceptAfter

        void interceptAfter​(Credentials credentials,
                    java.lang.String serviceName,
                    java.lang.String objectName,
                    java.lang.String methodName)
        intercepts a request after process if any SecurityInterceptor configured Any exception thrown during interception will be ignored
        Parameters:
        credentials -
        serviceName -
        objectName -
        methodName -

      • createSecureCallable

        <V> SecureCallable<V> createSecureCallable​(javax.security.auth.Subject subject,
                                           java.util.concurrent.Callable<V> callable)
        Creates secure callable that runs in a sandbox.
        Type Parameters:
        V - return type of callable
        Parameters:
        subject -
        callable -
        Returns:
        result of callable

      • createSecureCallable

        <V> SecureCallable<?> createSecureCallable​(javax.security.auth.Subject subject,
                                           java.lang.Runnable runnable)
        Creates secure callable that runs in a sandbox.
        Type Parameters:
        V - return type of callable
        Parameters:
        subject -
        runnable -
        Returns:
        Will always return null after Runnable finishes running.

      • destroy

        void destroy()
        Destroys SecurityContext and all security elements.

      • refreshPermissions

        void refreshPermissions​(java.util.Set<PermissionConfig> permissionConfigs)

      • createSqlContext

        com.hazelcast.sql.impl.security.SqlSecurityContext createSqlContext​(javax.security.auth.Subject subject)