2 // ========================================================================
3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
19 package org.eclipse.jetty.security;
21 import java.security.Principal;
23 import javax.security.auth.Subject;
25 import org.eclipse.jetty.server.UserIdentity;
28 /* ------------------------------------------------------------ */
30 * Default Identity Service implementation.
31 * This service handles only role reference maps passed in an
32 * associated {@link org.eclipse.jetty.server.UserIdentity.Scope}. If there are role
33 * refs present, then associate will wrap the UserIdentity with one
34 * that uses the role references in the
35 * {@link org.eclipse.jetty.server.UserIdentity#isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope)}
36 * implementation. All other operations are effectively no-ops.
39 public class DefaultIdentityService implements IdentityService
41 /* ------------------------------------------------------------ */
// No-argument constructor. Its body is not shown in this listing.
42 public DefaultIdentityService()
46 /* ------------------------------------------------------------ */
48 * If there are role refs present in the scope, then wrap the UserIdentity
49 * with one that uses the role references in the {@link UserIdentity#isUserInRole(String, org.eclipse.jetty.server.UserIdentity.Scope)} implementation.
// Takes only the UserIdentity and returns an Object. No UserIdentity.Scope is
// passed in, although the comment above this method describes wrapping based
// on role refs "in the scope".
// NOTE(review): the method body is not visible in this listing. Confirm whether
// any role-reference wrapping still happens here, because that mapping decides
// what isUserInRole() answers for a request.
51 public Object associate(UserIdentity user)
56 /* ------------------------------------------------------------ */
// Receives an Object named 'previous' and returns nothing.
// NOTE(review): presumably 'previous' is the value associate() returned; the
// body is not visible in this listing, so confirm against IdentityService.
57 public void disassociate(Object previous)
61 /* ------------------------------------------------------------ */
// Takes the current UserIdentity and a RunAsToken and returns an Object.
// NOTE(review): the body is not visible in this listing. The class comment says
// operations other than role-ref handling are effectively no-ops, so run-as
// identity is presumably not applied to the thread at this layer. Confirm
// before relying on run-as roles for privilege separation.
62 public Object setRunAs(UserIdentity user, RunAsToken token)
67 /* ------------------------------------------------------------ */
// Receives an Object named 'lastToken' and returns nothing.
// NOTE(review): presumably 'lastToken' is the value setRunAs() returned; the
// body is not visible in this listing, so confirm against IdentityService.
68 public void unsetRunAs(Object lastToken)
72 /* ------------------------------------------------------------ */
// Creates the run-as token for the given role name by constructing a
// RoleRunAsToken from runAsName.
// NOTE(review): runAsName is handed over without a null or empty check in the
// visible line. Whether RoleRunAsToken validates it is not shown here, so
// confirm that an unset run-as role cannot yield a usable token.
73 public RunAsToken newRunAsToken(String runAsName)
75 return new RoleRunAsToken(runAsName);
78 /* ------------------------------------------------------------ */
// Returns the UserIdentity that represents the system itself.
// NOTE(review): the body is not visible in this listing. Given the class
// comment's "no-ops", this presumably yields no real identity (possibly null).
// Confirm, and make sure callers do not treat a missing system identity as
// an authenticated one.
79 public UserIdentity getSystemUserIdentity()
84 /* ------------------------------------------------------------ */
// Builds a DefaultUserIdentity from the supplied subject, principal and role
// names, passing all three arguments through unchanged.
// NOTE(review): the roles array is forwarded by reference in the visible line.
// Whether DefaultUserIdentity copies it is not shown here. If it keeps the
// reference, a caller that later mutates the array would change the roles this
// identity reports, so confirm a defensive copy exists.
85 public UserIdentity newUserIdentity(final Subject subject, final Principal userPrincipal, final String[] roles)
87 return new DefaultUserIdentity(subject,userPrincipal,roles);