Package org.wildfly.security.auth.realm
Class DistributedSecurityRealm
- java.lang.Object
-
- org.wildfly.security.auth.realm.DistributedSecurityRealm
-
- All Implemented Interfaces:
SecurityRealm
public class DistributedSecurityRealm extends Object implements SecurityRealm
A realm for authentication and authorization of identities distributed between multiple realms.- Author:
- Martin Mazanek
-
-
Field Summary
-
Fields inherited from interface org.wildfly.security.auth.server.SecurityRealm
EMPTY_REALM
-
-
Constructor Summary
Constructors Constructor Description DistributedSecurityRealm(boolean ignoreUnavailableRealms, Consumer<Integer> unavailableRealmCallback, SecurityRealm... securityRealms)Construct a new instance.DistributedSecurityRealm(SecurityRealm... securityRealms)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SupportLevelgetCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.SupportLevelgetEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName)Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.RealmIdentitygetRealmIdentity(Principal principal)Get a handle for to the identity for the given principal in the context of this security realm.RealmIdentitygetRealmIdentity(Evidence evidence)Get a handle for to the identity for the given evidence in the context of this security realm.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.wildfly.security.auth.server.SecurityRealm
getCredentialAcquireSupport, getRealmIdentity, handleRealmEvent
-
-
-
-
Constructor Detail
-
DistributedSecurityRealm
public DistributedSecurityRealm(SecurityRealm... securityRealms)
-
DistributedSecurityRealm
public DistributedSecurityRealm(boolean ignoreUnavailableRealms, Consumer<Integer> unavailableRealmCallback, SecurityRealm... securityRealms)Construct a new instance.- Parameters:
ignoreUnavailableRealms- allow to specify that the search should continue on to the next realm if a realm happens to be unavailableunavailableRealmCallback- a callback that can be used to emit realm unavailability, can benullsecurityRealms- references to one or more security realms for authentication and authorization
-
-
Method Detail
-
getRealmIdentity
public RealmIdentity getRealmIdentity(Evidence evidence) throws RealmUnavailableException
Description copied from interface:SecurityRealmGet a handle for to the identity for the given evidence in the context of this security realm. Any validation / name mapping is an implementation detail for the realm. The identity may or may not exist. The returned handle must be cleaned up by a call toRealmIdentity.dispose(). Where this method is used to obtain aRealmIdentityprior to evidence verification the methodRealmIdentity.getEvidenceVerifySupport(Class, String)will be used to verify if the identity is usable.- Specified by:
getRealmIdentityin interfaceSecurityRealm- Parameters:
evidence- an evidence instance which identifies the identity within the realm (must not benull)- Returns:
- the
RealmIdentityfor the provided evidence (notnull) - Throws:
RealmUnavailableException
-
getRealmIdentity
public RealmIdentity getRealmIdentity(Principal principal) throws RealmUnavailableException
Description copied from interface:SecurityRealmGet a handle for to the identity for the given principal in the context of this security realm. Any validation / name mapping is an implementation detail for the realm. The identity may or may not exist. The returned handle must be cleaned up by a call toRealmIdentity.dispose().- Specified by:
getRealmIdentityin interfaceSecurityRealm- Parameters:
principal- the principal which identifies the identity within the realm (must not benull)- Returns:
- the
RealmIdentityfor the provided principal (notnull) - Throws:
RealmUnavailableException
-
getCredentialAcquireSupport
public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException
Description copied from interface:SecurityRealmDetermine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.- Specified by:
getCredentialAcquireSupportin interfaceSecurityRealm- Parameters:
credentialType- the exact credential type (must not benull)algorithmName- the algorithm name, ornullif any algorithm is acceptable or the credential type does not support algorithm namesparameterSpec- the algorithm parameters to match, ornullif any parameters are acceptable or the credential type does not support algorithm parameters- Returns:
- the level of support for this credential
- Throws:
RealmUnavailableException- if the realm is not able to handle requests for any reason
-
getEvidenceVerifySupport
public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName) throws RealmUnavailableException
Description copied from interface:SecurityRealmDetermine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.- Specified by:
getEvidenceVerifySupportin interfaceSecurityRealm- Parameters:
evidenceType- the type of evidence to be verified (must not benull)algorithmName- the algorithm name, ornullif any algorithm is acceptable or the evidence type does not support algorithm names- Returns:
- the level of support for this evidence type
- Throws:
RealmUnavailableException- if the realm is not able to handle requests for any reason
-
-