Package ch.tocco.nice2.security.impl

Class SecurityManagerImpl

java.lang.Object

ch.tocco.nice2.security.impl.SecurityManagerImpl

All Implemented Interfaces:

SecurityManager

@Component
public class SecurityManagerImpl
extends Object
implements SecurityManager

Constructor Summary

Constructors

Constructor	Description
SecurityManagerImpl(org.slf4j.Logger log, PolicyCompiler policyCompiler, ContributionManager contributionManager, PrincipalManager principalManager, Authenticator authenticator, ThreadHandlerManager threadHandlerManager, TypeManager typeManager, org.springframework.context.ApplicationEventPublisher eventPublisher)

Method Summary

Modifier and Type	Method	Description
Invoker	anonymous()
void	enterPrivileged()
void	exitPrivileged()
Map<String,SecurityDomain>	getAllDomains()
SecurityContext	getAnonymousContext()
Policy	getPolicy()
void	initializeService()
boolean	isPrivileged()
SecurityContext	login(Principal principal, @Nullable UUID sessionId, boolean disablePolicyProcessors)
void	logout(SecurityContext securityContext)	Called to clean up resources when a SecurityContext is destroyed
Invoker	privileged()
Policy	processPolicy(Object target, Policy policy, Phase phase, Predicate<Rule> filter, boolean disableProcessors)
Permission	readPermission(String domainName, String expression)
void	reloadPolicy()
Invoker	secured()
void	setGuardFactories(List<GuardFactory> guardFactories)
void	setPolicyProcessors(List<PolicyProcessorContribution> processors)
void	setPolicyProviders(List<PolicyProvider> providers)
void	setPolicyValidators(List<PolicyValidator> policyValidators)
Invoker	withAdditionalRules(Consumer<PolicyBuilder> consumer)	Note: This method sets a new SecurityContext into the ExecutionContext.
Invoker	withLogin(Principal principal)
Invoker	withLogin(String username, String password)
Invoker	withLogin(String username, String password, boolean ignoreCaptchaVerification)
Invoker	withRules(Consumer<PolicyBuilder> consumer)	Note: This method sets a new SecurityContext into the ExecutionContext.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface ch.tocco.nice2.security.api.SecurityManager

login, login, processPolicy

Constructor Details

SecurityManagerImpl

public SecurityManagerImpl(org.slf4j.Logger log,
 @Lazy
 PolicyCompiler policyCompiler,
 @Lazy
 ContributionManager contributionManager,
 @Lazy
 PrincipalManager principalManager,
 @Lazy
 Authenticator authenticator,
 ThreadHandlerManager threadHandlerManager,
 TypeManager typeManager,
 org.springframework.context.ApplicationEventPublisher eventPublisher)

Method Details

setPolicyProviders

@Autowired
public void setPolicyProviders(List<PolicyProvider> providers)

setPolicyValidators

@Autowired
public void setPolicyValidators(List<PolicyValidator> policyValidators)

setPolicyProcessors

@Autowired
public void setPolicyProcessors(List<PolicyProcessorContribution> processors)

setGuardFactories

@Autowired
public void setGuardFactories(List<GuardFactory> guardFactories)

initializeService

@PostConstruct
public void initializeService()

getPolicy

public Policy getPolicy()

Specified by:

getPolicy in interface SecurityManager

reloadPolicy

public void reloadPolicy()

Specified by:

reloadPolicy in interface SecurityManager

getAnonymousContext

public SecurityContext getAnonymousContext()

Specified by:

getAnonymousContext in interface SecurityManager

anonymous

public Invoker anonymous()

Specified by:

anonymous in interface SecurityManager

Returns:

Invoker that runs with an anonymous principal

See Also:

• SecurityManager.getAnonymousContext()

withLogin

public Invoker withLogin(Principal principal)

Specified by:

withLogin in interface SecurityManager

Returns:

Invoker that runs with the passed principal

withLogin

public Invoker withLogin(String username,
 String password)

Specified by:

withLogin in interface SecurityManager

Returns:

Invoker that runs with the principal of the passed username and password

withLogin

public Invoker withLogin(String username,
 String password,
 boolean ignoreCaptchaVerification)

Specified by:

withLogin in interface SecurityManager

Parameters:

ignoreCaptchaVerification - if true, ReCaptcha validation is skipped during login

Returns:

Invoker that runs with the principal of the passed username and password

login

public SecurityContext login(Principal principal,
 @Nullable
 @Nullable UUID sessionId,
 boolean disablePolicyProcessors)
                      throws SecurityException

Specified by:

login in interface SecurityManager

Throws:

SecurityException

logout

public void logout(SecurityContext securityContext)

Description copied from interface: SecurityManager

Called to clean up resources when a SecurityContext is destroyed

Specified by:

logout in interface SecurityManager

processPolicy

public Policy processPolicy(Object target,
 Policy policy,
 Phase phase,
 Predicate<Rule> filter,
 boolean disableProcessors)

Specified by:

processPolicy in interface SecurityManager

enterPrivileged

public void enterPrivileged()
                     throws SecurityException

Specified by:

enterPrivileged in interface SecurityManager

Throws:

SecurityException

exitPrivileged

public void exitPrivileged()
                    throws SecurityException

Specified by:

exitPrivileged in interface SecurityManager

Throws:

SecurityException

privileged

public Invoker privileged()

Specified by:

privileged in interface SecurityManager

Returns:

Invoker that runs in privileged mode

secured

public Invoker secured()

Specified by:

secured in interface SecurityManager

Returns:

Invoker that runs in secured mode (i.e. privileged mode is not active)

isPrivileged

public boolean isPrivileged()

Specified by:

isPrivileged in interface SecurityManager

readPermission

public Permission readPermission(String domainName,
 String expression)
                          throws InvalidPermissionException

Specified by:

readPermission in interface SecurityManager

Throws:

InvalidPermissionException

getAllDomains

public Map<String,SecurityDomain> getAllDomains()

withRules

public Invoker withRules(Consumer<PolicyBuilder> consumer)

Description copied from interface: SecurityManager

Note: This method sets a new SecurityContext into the ExecutionContext. To get the enhanced policy, it needs to be fetched again from the ExecutionContext.

Specified by:

withRules in interface SecurityManager

Returns:

an invoker that runs with the given rules

withAdditionalRules

public Invoker withAdditionalRules(Consumer<PolicyBuilder> consumer)

Description copied from interface: SecurityManager

Note: This method sets a new SecurityContext into the ExecutionContext. To get the enhanced policy, it needs to be fetched again from the ExecutionContext.

Specified by:

withAdditionalRules in interface SecurityManager

Returns:

an invoker that runs with an enhanced policy which contains the additional given rules