Package com.evolveum.midpoint.security.api

Interface SecurityContextManager

public interface SecurityContextManager

Manager of security context. Used for storing authentication into the security context, set up security context for task ownership, etc. This is a part of low-level security functions. Those are security functions that deal with the basic concepts of authentication, task ownership, security context and so on.

Method Summary

Modifier and Type	Method	Description
void	clearTemporaryPrincipalOid()	Internal method to reset temporary principal OID.
org.springframework.security.core.Authentication	getAuthentication()
MidPointPrincipal	getPrincipal()	Returns principal representing the currently logged-in user.
String	getPrincipalOid()	Returns OID of the current principal.
@Nullable HttpConnectionInformation	getStoredConnectionInformation()	Returns stored connection information.
MidPointPrincipalManager	getUserProfileService()
boolean	isAuthenticated()
<T> T	runAs(Producer<T> producer, PrismObject<UserType> user)
default <T> T	runAsChecked(CheckedProducer<T> producer, PrismObject<UserType> user)	Convenience method to deal with producers that can throw CommonException.
<T> T	runPrivileged(Producer<T> producer)
default <T> T	runPrivilegedChecked(CheckedProducer<T> producer)	Convenience method to deal with producers that can throw CommonException.
void	setTemporaryPrincipalOid(String value)	Internal method to set temporary principal OID used during login process as a return value of getPrincipalOid() method.
void	setupPreAuthenticatedSecurityContext(PrismObject<? extends FocusType> focus)
void	setupPreAuthenticatedSecurityContext(MidPointPrincipal principal)
void	setupPreAuthenticatedSecurityContext(org.springframework.security.core.Authentication authentication)
void	setUserProfileService(MidPointPrincipalManager userProfileService)
void	storeConnectionInformation(@Nullable HttpConnectionInformation value)	Store connection information for later use within current thread.

Method Detail

isAuthenticated

boolean isAuthenticated()

getAuthentication

org.springframework.security.core.Authentication getAuthentication()

getPrincipal

MidPointPrincipal getPrincipal()
                        throws SecurityViolationException

Returns principal representing the currently logged-in user. Assumes that the user is logged-in. Otherwise an exception is thrown.

Throws:

SecurityViolationException

getPrincipalOid

String getPrincipalOid()

Returns OID of the current principal. After login is complete, the returned OID is the same as getPrincipal().getOid(). However, during login process, this method returns the OID of the user that is being authenticated/logged-in (a.k.a. temporary principal OID).

setTemporaryPrincipalOid

void setTemporaryPrincipalOid(String value)

Internal method to set temporary principal OID used during login process as a return value of getPrincipalOid() method.

clearTemporaryPrincipalOid

void clearTemporaryPrincipalOid()

Internal method to reset temporary principal OID.

setupPreAuthenticatedSecurityContext

void setupPreAuthenticatedSecurityContext(org.springframework.security.core.Authentication authentication)

setupPreAuthenticatedSecurityContext

void setupPreAuthenticatedSecurityContext(MidPointPrincipal principal)

setupPreAuthenticatedSecurityContext

void setupPreAuthenticatedSecurityContext(PrismObject<? extends FocusType> focus)
                                   throws SchemaException,
                                          CommunicationException,
                                          ConfigurationException,
                                          SecurityViolationException,
                                          ExpressionEvaluationException

Throws:

SchemaException

CommunicationException

ConfigurationException

SecurityViolationException

ExpressionEvaluationException

runAs

<T> T runAs(Producer<T> producer,
            PrismObject<UserType> user)
     throws SchemaException,
            CommunicationException,
            ConfigurationException,
            SecurityViolationException,
            ExpressionEvaluationException

Throws:

SchemaException

CommunicationException

ConfigurationException

SecurityViolationException

ExpressionEvaluationException

runAsChecked

default <T> T runAsChecked(CheckedProducer<T> producer,
                           PrismObject<UserType> user)
                    throws CommonException

Convenience method to deal with producers that can throw CommonException.

Throws:

CommonException

runPrivileged

<T> T runPrivileged(Producer<T> producer)

runPrivilegedChecked

default <T> T runPrivilegedChecked(CheckedProducer<T> producer)
                            throws CommonException

Convenience method to deal with producers that can throw CommonException.

Throws:

CommonException

getUserProfileService

MidPointPrincipalManager getUserProfileService()

setUserProfileService

void setUserProfileService(MidPointPrincipalManager userProfileService)

storeConnectionInformation

void storeConnectionInformation(@Nullable
                                @Nullable HttpConnectionInformation value)

Store connection information for later use within current thread.

getStoredConnectionInformation

@Nullable
@Nullable HttpConnectionInformation getStoredConnectionInformation()

Returns stored connection information. Should be used for non-HTTP threads that have no access to stored Request object (see SecurityUtil.getCurrentConnectionInformation()).