|
BEA Systems, Inc. | ||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--weblogic.security.acl.CachingRealm
Caching realm.
Inner Class Summary | |
protected static class |
CachingRealm.CaseInsensitiveUserInfo
Deprecated. This class is intended for use if the auth cache is not case-sensitive. |
protected static class |
CachingRealm.Entry
Deprecated. Cache entry class. |
protected static class |
CachingRealm.UserEntry
Deprecated. This is a special entry class, used only in the user positive cache. |
Field Summary | |
protected TTLCache |
aclNegCache
Deprecated. ACL negative cache. |
protected TTLCache |
aclPosCache
Deprecated. ACL positive cache. |
protected java.lang.Object |
aclSync
Deprecated. ACL sync object. |
protected TTLCache |
authNegCache
Deprecated. Authentication negative cache. |
protected TTLCache |
authPosCache
Deprecated. Authentication positive cache. |
protected boolean |
caseSensitive
Deprecated. Whether this cache is case-sensitive. |
protected TTLCache |
groupNegCache
Deprecated. Group negative cache. |
protected TTLCache |
groupPosCache
Deprecated. Group positive cache. |
protected java.lang.Object |
groupSync
Deprecated. Group sync object. |
protected weblogic.logging.LogOutputStream |
log
Deprecated. Debugging log. |
protected TTLCache |
permNegCache
Deprecated. Permission negative cache. |
protected TTLCache |
permPosCache
Deprecated. Permission positive cache. |
protected java.lang.Object |
permSync
Deprecated. Permission sync object. |
protected TTLCache |
userNegCache
Deprecated. User negative cache. |
protected TTLCache |
userPosCache
Deprecated. User positive cache. |
protected java.lang.Object |
userSync
Deprecated. User and authentication sync object. |
Constructor Summary | |
CachingRealm(ListableRealm delegate)
Deprecated. Create a new caching realm instance. |
|
CachingRealm(ListableRealm delegate,
ManageableRealm backup,
java.lang.Object credential)
Deprecated. Create a new caching realm instance. |
Method Summary | |
User |
authenticate(UserInfo userInfo)
Deprecated. Attempt to authenticate the given user. |
void |
clearAclCaches()
Deprecated. Clear the ACL positive and negative caches. |
void |
clearCaches()
Deprecated. Clear all caches. |
void |
clearGroupCaches()
Deprecated. Clear the group positive and negative caches. |
void |
clearPermCaches()
Deprecated. Clear the permission positive and negative caches. |
void |
clearUserCaches()
Deprecated. Clear all user-related caches. |
void |
deleteAcl(java.security.Principal owner,
java.security.acl.Acl acl)
Deprecated. Delete an ACL from both the delegate and backup realms. |
void |
deleteGroup(java.security.acl.Group group)
Deprecated. Delete a group from both the delegate and backup realms. |
void |
deletePermission(java.security.acl.Permission perm)
Deprecated. Delete a permission from both the delegate and backup realms. |
void |
deleteUser(User user)
Deprecated. Delete a user from both the delegate and backup realms. |
java.security.acl.Acl |
getAcl(java.lang.String name)
Deprecated. |
java.security.acl.Acl |
getAcl(java.lang.String name,
char separator)
Deprecated. |
java.security.Principal |
getAclOwner(java.lang.Object credential)
Deprecated. This is a direct call through to getAclOwner in delegate and/or backup realms. |
java.util.Enumeration |
getAcls()
Deprecated. Return all ACLs in both the delegate and backup realms. |
java.lang.Object |
getCacheValue(java.lang.Object propId)
Deprecated. |
weblogic.logging.LogOutputStream |
getDebugLog()
Deprecated. |
java.lang.Class |
getDelegateClass()
Deprecated. Return the class of the delegate realm. |
java.security.acl.Group |
getGroup(java.lang.String name)
Deprecated. |
java.util.Enumeration |
getGroups()
Deprecated. Return all groups in both the delegate and backup realms. |
java.lang.String |
getName()
Deprecated. Return the name of this realm. |
java.security.acl.Permission |
getPermission(java.lang.String name)
Deprecated. |
java.util.Enumeration |
getPermissions()
Deprecated. Return all permissions in both the delegate and backup realms. |
java.security.Principal |
getPrincipal(java.lang.String name)
Deprecated. |
User |
getUser(java.lang.String name)
Deprecated. Return the User. |
User |
getUser(UserInfo userInfo)
Deprecated. Call through to the authenticate method. |
java.util.Enumeration |
getUsers()
Deprecated. Return all users in both the delegate and backup realms. |
void |
init(java.lang.String name,
java.lang.Object ownerCredential)
Deprecated. Call through to the init methods in the delegate and backup realms. |
void |
load(java.lang.String name,
java.lang.Object credential)
Deprecated. Call through to the load methods in the delegate and backup realms. |
java.security.acl.Acl |
lookupAcl(java.lang.String name)
Deprecated. Look for the given ACL in the cache. |
java.security.acl.Acl |
lookupAcl(java.lang.String name,
char separator)
Deprecated. |
java.security.acl.Group |
lookupGroup(java.lang.String name)
Deprecated. Look for the given group in the cache. |
java.security.acl.Permission |
lookupPermission(java.lang.String name)
Deprecated. Perform a cache lookup for a permission. |
java.security.Principal |
lookupPrincipal(java.lang.String name)
Deprecated. Look for the named principal in the user and group caches. |
User |
lookupUser(java.lang.String name)
Deprecated. Look for the given user in the cache. |
BasicRealm |
masqueradeAs(java.lang.String realmName)
Deprecated. Ensure that the given name in the set of realms points to this realm. |
java.security.acl.Acl |
newAcl(java.security.Principal owner,
java.lang.String name)
Deprecated. Create a new ACL in a realm-specific way. |
java.security.acl.Group |
newGroup(java.lang.String name)
Deprecated. Create a new group in a realm-specific way. |
java.security.acl.Permission |
newPermission(java.lang.String name)
Deprecated. Create a new permission in a realm-specific way. |
User |
newUser(java.lang.String name,
java.lang.Object credential,
java.lang.Object constraints)
Deprecated. Create a new user in a realm-specific way. |
void |
refresh()
Deprecated. Refresh by emptying the caches, refreshing the delegate & backup - the CachingRealm will auto-refresh as users/groups/acls are looked up after the caches have been emptied |
void |
save(java.lang.String name)
Deprecated. Call through to the save methods in the delegate and backup realms. |
void |
setDebug(boolean enable)
Deprecated. |
void |
setPermission(java.security.acl.Acl acl,
java.security.Principal principal,
java.security.acl.Permission permission,
boolean allow)
Deprecated. Sets or unsets a permission for a principal in an ACL. |
Methods inherited from class java.lang.Object |
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
Field Detail |
protected boolean caseSensitive
protected TTLCache aclPosCache
aclNegCache
,
aclSync
protected TTLCache aclNegCache
aclPosCache
,
aclSync
protected final java.lang.Object aclSync
aclPosCache
,
aclNegCache
protected TTLCache groupPosCache
groupNegCache
,
groupSync
protected TTLCache groupNegCache
groupPosCache
,
groupSync
protected final java.lang.Object groupSync
groupPosCache
,
groupNegCache
protected TTLCache permPosCache
permNegCache
,
permSync
protected TTLCache permNegCache
permPosCache
,
permSync
protected final java.lang.Object permSync
permPosCache
,
permNegCache
protected TTLCache userPosCache
userNegCache
,
authPosCache
,
authNegCache
,
userSync
protected TTLCache userNegCache
userPosCache
,
authPosCache
,
authNegCache
,
userSync
protected TTLCache authPosCache
userPosCache
,
userNegCache
,
authNegCache
,
userSync
protected TTLCache authNegCache
userPosCache
,
userNegCache
,
authPosCache
,
userSync
protected final java.lang.Object userSync
userPosCache
,
userNegCache
,
authPosCache
,
authNegCache
protected weblogic.logging.LogOutputStream log
Constructor Detail |
public CachingRealm(ListableRealm delegate)
delegate
- the realm to delegate topublic CachingRealm(ListableRealm delegate, ManageableRealm backup, java.lang.Object credential)
delegate
- the realm to delegate tobackup
- the backup realm to delegate tocredential
- security credentialMethod Detail |
public BasicRealm masqueradeAs(java.lang.String realmName)
Realm.getRealm(java.lang.String)
public void init(java.lang.String name, java.lang.Object ownerCredential) throws java.security.acl.NotOwnerException
BasicRealm.init(java.lang.String, java.lang.Object)
public java.lang.String getName()
public User getUser(java.lang.String name)
name
- String name of userpublic java.security.Principal lookupPrincipal(java.lang.String name)
public java.security.Principal getPrincipal(java.lang.String name)
public User lookupUser(java.lang.String name)
public User getUser(UserInfo userInfo)
authenticate(weblogic.security.acl.UserInfo)
public User authenticate(UserInfo userInfo)
userInfo
- authentication info associated with the userpublic java.security.Principal getAclOwner(java.lang.Object credential)
BasicRealm.getAclOwner(java.lang.Object)
public java.security.acl.Group lookupGroup(java.lang.String name)
public java.security.acl.Group getGroup(java.lang.String name)
name
- of the group to getpublic java.security.acl.Acl lookupAcl(java.lang.String name)
public java.security.acl.Acl getAcl(java.lang.String name)
name
- of the Acl to retrievepublic java.security.acl.Acl lookupAcl(java.lang.String name, char separator)
name
- of Acl to look upseparator
- character that separates segments in an Acl name, usually '.'public java.security.acl.Acl getAcl(java.lang.String name, char separator)
name
- of the Acl to lookupseparator
- character that separates segments in an Acl namepublic java.security.acl.Permission lookupPermission(java.lang.String name)
name
- of permission to lookuppublic java.security.acl.Permission getPermission(java.lang.String name)
name
- Permission to getpublic void load(java.lang.String name, java.lang.Object credential) throws java.lang.ClassNotFoundException, java.io.IOException, java.security.acl.NotOwnerException
BasicRealm.load(java.lang.String, java.lang.Object)
public void save(java.lang.String name) throws java.io.IOException
BasicRealm.save(java.lang.String)
public User newUser(java.lang.String name, java.lang.Object credential, java.lang.Object constraints) throws java.lang.SecurityException
Note: we do not currently attempt to clear the negative authentication cache when a new user is created, because there may be several negative hits associated with a given user and keeping track of them is not practicable.
For this reason, you should keep the time-to-live value on the negative authentication cache low if you intend to add users to a realm, otherwise you risk denying them access because of negative cache entries that have not yet expired.
If you must ensure that the negative authentication cache is cleared when a user is created, simply extend this class and make sure that your implementation of this method traverses the negative authentication cache, clearing any entries whose names match the name of the new user. This may be an expensive operation, depending on cache size and frequency of user creation.
ManageableRealm.newUser(java.lang.String, java.lang.Object, java.lang.Object)
public java.security.acl.Group newGroup(java.lang.String name) throws java.lang.SecurityException
ManageableRealm.newGroup(java.lang.String)
public java.security.acl.Acl newAcl(java.security.Principal owner, java.lang.String name) throws java.lang.SecurityException
ManageableRealm.newAcl(java.security.Principal, java.lang.String)
public java.security.acl.Permission newPermission(java.lang.String name) throws java.lang.SecurityException
ManageableRealm.newPermission(java.lang.String)
public void deleteUser(User user) throws java.lang.SecurityException
ManageableRealm.deleteUser(weblogic.security.acl.User)
public void deleteGroup(java.security.acl.Group group) throws java.lang.SecurityException
ManageableRealm.deleteGroup(java.security.acl.Group)
public void deletePermission(java.security.acl.Permission perm) throws java.lang.SecurityException
ManageableRealm.deletePermission(java.security.acl.Permission)
public void deleteAcl(java.security.Principal owner, java.security.acl.Acl acl) throws java.lang.SecurityException
ManageableRealm.deleteAcl(java.security.Principal, java.security.acl.Acl)
public void setPermission(java.security.acl.Acl acl, java.security.Principal principal, java.security.acl.Permission permission, boolean allow)
ManageableRealm.setPermission(java.security.acl.Acl, java.security.Principal, java.security.acl.Permission, boolean)
public java.util.Enumeration getUsers()
ListableRealm.getUsers()
public java.util.Enumeration getGroups()
ListableRealm.getGroups()
public java.util.Enumeration getAcls()
ListableRealm.getAcls()
public java.util.Enumeration getPermissions()
ListableRealm.getPermissions()
public void refresh()
public void clearCaches()
public void clearUserCaches()
public void clearGroupCaches()
public void clearAclCaches()
public void clearPermCaches()
public void setDebug(boolean enable)
public weblogic.logging.LogOutputStream getDebugLog()
public java.lang.Class getDelegateClass()
public java.lang.Object getCacheValue(java.lang.Object propId)
|
Documentation is available at http://download.oracle.com/docs/cd/E13222_01/wls/docs81b |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |