org.apache.geronimo.security.realm
Class GenericSecurityRealm

java.lang.Object
  org.apache.geronimo.security.realm.GenericSecurityRealm

All Implemented Interfaces:

org.apache.geronimo.management.geronimo.SecurityRealm, ConfigurationEntryFactory

public class GenericSecurityRealm
extends Object
implements SecurityRealm, ConfigurationEntryFactory

A security realm that can be configured for one or more login modules. It can handle a combination of client-side and server-side login modules for the case of remote clients, and it can auto-role-mapping for its login modules (though you must configure it for that).

This realm populates a number of special login module options for the benefit of Geronimo login modules (though some of them are only available to server-side login modules, marked as not Serializable below):

 Option                                      Type                   Serializable
 JaasLoginModuleUse.KERNEL_LM_OPTION       String (Kernel name)        Yes
 JaasLoginModuleUse.SERVERINFO_LM_OPTION   ServerInfo                  No
 JaasLoginModuleUse.CLASSLOADER_LM_OPTION  ClassLoader                 No
 

These options can be safely ignored by login modules that don't need them (such as any custom LoginModules you may already have lying around).

Field Summary

static org.apache.geronimo.gbean.GBeanInfo

GBEAN_INFO

Fields inherited from interface org.apache.geronimo.security.realm.SecurityRealm

BASE_OBJECT_NAME

Constructor Summary

GenericSecurityRealm(String realmName, JaasLoginModuleUse loginModuleUse, boolean restrictPrincipalsToServer, boolean wrapPrincipals, PrincipalInfo defaultPrincipalInfo, org.apache.geronimo.system.serverinfo.ServerInfo serverInfo, ClassLoader classLoader, org.apache.geronimo.kernel.Kernel kernel, JaasLoginServiceMBean loginService)

Method Summary

JaasLoginModuleConfiguration	generateConfiguration() Generate a JaasLoginModuleConfiguration
JaasLoginModuleConfiguration[]	getAppConfigurationEntries()
String	getConfigurationName() Used to obtain the configuration name to be associated with the generated JaasLoginModuleConfiguration.
PrincipalInfo	getDefaultPrincipal() Provides the default principal to be used when an unauthenticated subject uses a container.
static org.apache.geronimo.gbean.GBeanInfo	getGBeanInfo()
String[]	getLoginDomains() Gets a list of the login domains that make up this security realm.
JaasLoginModuleChain	getLoginModuleChain()
String	getRealmName()
boolean	isRestrictPrincipalsToServer() A GBean property.
boolean	isWrapPrincipals() If this attribute is true, then the principals will be wrapped in realm principals.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

GBEAN_INFO

public static final org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO

Constructor Detail

GenericSecurityRealm

public GenericSecurityRealm(String realmName,
                            JaasLoginModuleUse loginModuleUse,
                            boolean restrictPrincipalsToServer,
                            boolean wrapPrincipals,
                            PrincipalInfo defaultPrincipalInfo,
                            org.apache.geronimo.system.serverinfo.ServerInfo serverInfo,
                            ClassLoader classLoader,
                            org.apache.geronimo.kernel.Kernel kernel,
                            JaasLoginServiceMBean loginService)

Method Detail

getRealmName

public String getRealmName()

Specified by:

getRealmName in interface org.apache.geronimo.management.geronimo.SecurityRealm

getAppConfigurationEntries

public JaasLoginModuleConfiguration[] getAppConfigurationEntries()

getLoginModuleChain

public JaasLoginModuleChain getLoginModuleChain()

getLoginDomains

public String[] getLoginDomains()

Gets a list of the login domains that make up this security realm. A particular LoginModule represents 0 or 1 login domains, and a realm is composed of a number of login modules, so the realm may cover any number of login domains, though typically that number will be 1.

getDefaultPrincipal

public PrincipalInfo getDefaultPrincipal()

Provides the default principal to be used when an unauthenticated subject uses a container.

Returns:

the default principal

isRestrictPrincipalsToServer

public boolean isRestrictPrincipalsToServer()

A GBean property. If set to true, the login service will not return principals generated by this realm to clients. If set to false (the default), the client will get a copy of all principals (except realm principals generated strictly for use within Geronimo).

isWrapPrincipals

public boolean isWrapPrincipals()

If this attribute is true, then the principals will be wrapped in realm principals.

getConfigurationName

public String getConfigurationName()

Description copied from interface: ConfigurationEntryFactory

Used to obtain the configuration name to be associated with the generated JaasLoginModuleConfiguration.

Specified by:

getConfigurationName in interface ConfigurationEntryFactory

Returns:

the configuration name

generateConfiguration

public JaasLoginModuleConfiguration generateConfiguration()

Description copied from interface: ConfigurationEntryFactory

Generate a JaasLoginModuleConfiguration

Specified by:

generateConfiguration in interface ConfigurationEntryFactory

Returns:

a JaasLoginModuleConfiguration

getGBeanInfo

public static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()