SecurityManager (GigaSpaces XAP 7.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

GigaSpaces XAP 7.0 API

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.gigaspaces.security
Interface SecurityManager

public interface SecurityManager

Interface for authentication and creating of the directory manager. The SecurityManager can be obtained by the SecurityFactory. The properties represent the service specific properties that will be used to initialize the SecurityManager instance.

Since:: 7.0.1
Author:: Moran Avigdor

Field Summary
`static String`	`SECURITY_MANAGER_CLASS_PROPERTY_KEY` The property key identifying the security manager in a properties file/object

Method Summary
`Authentication`	`authenticate(UserDetails userDetails)` Attempts to authenticate the passed user represented by `UserDetails`, returning a fully populated `UserDetails` object (including granted authorities) if successful.
`void`	`close()` Closes any excess resource kept by the security manager; e.g. connection to a data-source.
`DirectoryManager`	`createDirectoryManager(UserDetails userDetails)` Attempts to authenticate the passed user represented by `UserDetails`, granting access only for users that are allowed to manage the directory.
`void`	`init(Properties properties)` Initializes this security manager instance with implementation specific properties, and any resource creation/access needed.

Field Detail

SECURITY_MANAGER_CLASS_PROPERTY_KEY

static final String SECURITY_MANAGER_CLASS_PROPERTY_KEY

The property key identifying the security manager in a properties file/object

See Also:: Constant Field Values

Method Detail

init

void init(Properties properties)
          throws SecurityException

Initializes this security manager instance with implementation specific properties, and any resource creation/access needed.

Parameters:: properties - properties to use configure this instance.
Throws:: SecurityException

authenticate

Authentication authenticate(UserDetails userDetails)
                            throws AuthenticationException

Attempts to authenticate the passed user represented by UserDetails, returning a fully populated UserDetails object (including granted authorities) if successful.

Parameters:: userDetails - the user request object
Returns:: a fully authenticated object including authorities
Throws:: AuthenticationException - if authentication fails

createDirectoryManager

DirectoryManager createDirectoryManager(UserDetails userDetails)
                                        throws AuthenticationException,
                                               AccessDeniedException

Attempts to authenticate the passed user represented by UserDetails, granting access only for users that are allowed to manage the directory.

Creates a directory manager for managing of users and roles, granting access only for users that are allowed to manage, but may be restrictive (to read-only) based on their privileges.

If the directory is to be managed by an external tool, implementors may wish to throw DirectoryAccessDeniedException to deny access to the API (e.g. from UI).

Parameters:: userDetails - the user request object
Returns:: a directory manager instance
Throws:: AuthenticationException - if authentication fails for the specified user; AccessDeniedException - if not granted sufficient access required to manage role details; DirectoryAccessDeniedException - if the directory should not be managed by API.

close

void close()

Closes any excess resource kept by the security manager; e.g. connection to a data-source.