oracle.adf.share.security

Class SecurityContextImpl

java.lang.Object

java.util.AbstractMap

oracle.adf.share.security.SecurityContextMap

oracle.adf.share.security.SecurityContextImpl

All Implemented Interfaces:

java.util.Map, javax.naming.Context, SecurityContext

Direct Known Subclasses:

ADFBaseSecurityContext, JpsSecurityContext

public class SecurityContextImpl
extends SecurityContextMap
implements SecurityContext

Internal: Applications should not use this class.

Nested Class Summary

Nested classes/interfaces inherited from class java.util.AbstractMap

java.util.AbstractMap.SimpleEntry<K,V>, java.util.AbstractMap.SimpleImmutableEntry<K,V>

Nested classes/interfaces inherited from interface java.util.Map

java.util.Map.Entry<K,V>

Field Summary

Fields

Modifier and Type	Field and Description
protected static ADFLogger	_adfSecLogger
protected static ADFLogger	_adfShowPrincipalsLogger
protected boolean	_isJEE
static java.lang.String	ADF_SECURITY_SHOW_PRINCIPALS_LOGGER_NAME
protected java.util.Hashtable	mEnv
protected java.lang.String	mNamedContext
protected java.util.Hashtable	mNames
protected PermissionState	mPermissionState
static java.lang.String	USERASSERTION_SUBJECT

Fields inherited from interface javax.naming.Context

APPLET, AUTHORITATIVE, BATCHSIZE, DNS_URL, INITIAL_CONTEXT_FACTORY, LANGUAGE, OBJECT_FACTORIES, PROVIDER_URL, REFERRAL, SECURITY_AUTHENTICATION, SECURITY_CREDENTIALS, SECURITY_PRINCIPAL, SECURITY_PROTOCOL, STATE_FACTORIES, URL_PKG_PREFIXES

Constructor Summary

Constructors

Constructor and Description
SecurityContextImpl() Internal: Applications should not use this method.
SecurityContextImpl(java.util.Hashtable env) Internal: Applications should not use this method.
SecurityContextImpl(java.util.Map env)

Method Summary

Modifier and Type	Method and Description
java.lang.Object	addToEnvironment(java.lang.String propName, java.lang.Object propVal)
boolean	attachToLightweightSession(java.sql.Connection conn) Attach connection to lightweight XS session
void	bind(javax.naming.Name name, java.lang.Object obj)
void	bind(java.lang.String name, java.lang.Object obj)
void	close()
javax.naming.Name	composeName(javax.naming.Name name, javax.naming.Name prefix)
java.lang.String	composeName(java.lang.String name, java.lang.String prefix)
java.security.Permission	createPermissionInstance(java.util.Hashtable values) Create a FunctionPermission, DataPermission or Permission.
javax.naming.Context	createSubcontext(javax.naming.Name name)
javax.naming.Context	createSubcontext(java.lang.String name)
void	destroySubcontext(javax.naming.Name name)
void	destroySubcontext(java.lang.String name)
boolean	detachFromLightweightSession() Detach connection from lightweight XS session
java.lang.Object	getAttachedLightweightSession() Return the attached lightweight XS session
java.security.Principal	getAuthorizationPrincipal() Get the current authorizationn principal.
javax.security.auth.Subject	getAuthorizationSubject() Get the current authorization subject.
java.util.Hashtable	getEnvironment()
java.lang.String	getNameInNamespace()
javax.naming.NameParser	getNameParser(javax.naming.Name name)
javax.naming.NameParser	getNameParser(java.lang.String name)
PermissionState	getPermissionState() Internal: Applications should not use this method. Return the current active PermissionState
javax.security.auth.Subject	getSubject() Retrieves the subject in the SecurityContext or AccessController context.
java.lang.String	getUserName() Internal: Applications should not use this method.
java.security.Principal	getUserPrincipal() Internal: Applications should not use this method.
UserProfile	getUserProfile() Internal: Applications should not use this method.
java.lang.String[]	getUserRoles() A list of role names in the Subject
boolean	hasPermission(java.security.Permission permission) Internal: Applications should not use this method.
protected java.lang.Object	internalGet(java.lang.String key)
protected java.lang.Boolean	internalGetAuthenticated()
protected java.lang.String	internalGetPolicyContextId()
protected boolean	internalHasPermission(java.security.Permission permission)
protected void	internalSetAuthenticated()
protected void	internalSetPolicyContextId(java.lang.String appId)
boolean	isAnyoneEnabled() Internal: Applications should not use this class. True if anyone role is enable
boolean	isAuthenticated() True if authenticated
boolean	isAuthenticationEnabled() True if authenticationRequired set
boolean	isAuthorizationEnabled() Internal: Applications should not use this method.
boolean	isPageSecurityMetadataEnabled() Internal: Applications should not use this method. True if page security metadata is enable.
boolean	isReAuthenticated(long time) True if re-authenticated since last time
boolean	isUserAssertion()
boolean	isUserInRole(java.lang.String roleName) True if user is in the specified role
boolean	isXSMode() True is using DB Extensible Security (XS)
javax.naming.NamingEnumeration	list(javax.naming.Name name)
javax.naming.NamingEnumeration	list(java.lang.String name)
javax.naming.NamingEnumeration	listBindings(javax.naming.Name name)
javax.naming.NamingEnumeration	listBindings(java.lang.String name)
java.lang.Object	lookup(javax.naming.Name name)
java.lang.Object	lookup(java.lang.String name)
java.lang.Object	lookupLink(javax.naming.Name name)
java.lang.Object	lookupLink(java.lang.String name)
void	rebind(javax.naming.Name name, java.lang.Object obj)
void	rebind(java.lang.String name, java.lang.Object obj)
java.lang.Object	removeFromEnvironment(java.lang.String propName)
void	rename(javax.naming.Name oldName, javax.naming.Name newName)
void	rename(java.lang.String oldName, java.lang.String newName)
void	setAuthorizationSubject(javax.security.auth.Subject subject)
void	setPermissionState(PermissionState permissionState) Internal: Applications should not use this method. Set the PermissionState
protected void	setPrincipal(java.lang.Object principal)
void	setUserAssertion(boolean enableFlag)
protected void	showPrincipals()
void	unbind(javax.naming.Name name)
void	unbind(java.lang.String name)

Methods inherited from class oracle.adf.share.security.SecurityContextMap

entrySet, equals, get, hashCode

Methods inherited from class java.util.AbstractMap

clear, clone, containsKey, containsValue, isEmpty, keySet, put, putAll, remove, size, toString, values

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.util.Map

compute, computeIfAbsent, computeIfPresent, forEach, getOrDefault, merge, putIfAbsent, remove, replace, replace, replaceAll

Field Detail

_adfSecLogger

protected static final ADFLogger _adfSecLogger

ADF_SECURITY_SHOW_PRINCIPALS_LOGGER_NAME

public static final java.lang.String ADF_SECURITY_SHOW_PRINCIPALS_LOGGER_NAME

See Also:

Constant Field Values

_adfShowPrincipalsLogger

protected static final ADFLogger _adfShowPrincipalsLogger

mEnv

protected java.util.Hashtable mEnv

mNames

protected java.util.Hashtable mNames

mNamedContext

protected java.lang.String mNamedContext

mPermissionState

protected PermissionState mPermissionState

_isJEE

protected boolean _isJEE

USERASSERTION_SUBJECT

@Concealed
public static final java.lang.String USERASSERTION_SUBJECT

See Also:

Constant Field Values

Constructor Detail

SecurityContextImpl

public SecurityContextImpl()

Internal: Applications should not use this method.

SecurityContextImpl

public SecurityContextImpl(java.util.Map env)

SecurityContextImpl

public SecurityContextImpl(java.util.Hashtable env)

Internal: Applications should not use this method.

Method Detail

getUserPrincipal

public java.security.Principal getUserPrincipal()

Internal: Applications should not use this method.

Specified by:

getUserPrincipal in interface SecurityContext

Returns:

the user principal

getUserProfile

public UserProfile getUserProfile()

Internal: Applications should not use this method.

Specified by:

getUserProfile in interface SecurityContext

Returns:

the user profile object

getUserName

public java.lang.String getUserName()

Internal: Applications should not use this method.

Specified by:

getUserName in interface SecurityContext

Returns:

the name of the user principal

isAuthorizationEnabled

public boolean isAuthorizationEnabled()

Internal: Applications should not use this method.

Specified by:

isAuthorizationEnabled in interface SecurityContext

Returns:

true if authorization check should be performed.

isAuthenticationEnabled

public boolean isAuthenticationEnabled()

Description copied from interface: SecurityContext

True if authenticationRequired set

Specified by:

isAuthenticationEnabled in interface SecurityContext

Returns:

true if authentication require flag set to be enforced by security constraints.

hasPermission

public boolean hasPermission(java.security.Permission permission)

Internal: Applications should not use this method.

Specified by:

hasPermission in interface SecurityContext

Parameters:

permission - the permission to be checked

Returns:

true if the principal has the specified permission.

internalHasPermission

protected boolean internalHasPermission(java.security.Permission permission)

getPermissionState

public PermissionState getPermissionState()

Internal: Applications should not use this method. Return the current active PermissionState

Specified by:

getPermissionState in interface SecurityContext

setPermissionState

public void setPermissionState(PermissionState permissionState)

Internal: Applications should not use this method. Set the PermissionState

Specified by:

setPermissionState in interface SecurityContext

Parameters:

permissionState - the active permission state

isPageSecurityMetadataEnabled

public boolean isPageSecurityMetadataEnabled()

Internal: Applications should not use this method. True if page security metadata is enable. The default is false if pageSecurityMetadataEnable not set in adf-config.xml

Specified by:

isPageSecurityMetadataEnabled in interface SecurityContext

list

public javax.naming.NamingEnumeration list(java.lang.String name)
                                    throws javax.naming.NamingException

Specified by:

list in interface javax.naming.Context

Throws:

javax.naming.NamingException

list

public javax.naming.NamingEnumeration list(javax.naming.Name name)
                                    throws javax.naming.NamingException

Specified by:

list in interface javax.naming.Context

Throws:

javax.naming.NamingException

listBindings

public javax.naming.NamingEnumeration listBindings(java.lang.String name)
                                            throws javax.naming.NamingException

Specified by:

listBindings in interface javax.naming.Context

Throws:

javax.naming.NamingException

listBindings

public javax.naming.NamingEnumeration listBindings(javax.naming.Name name)
                                            throws javax.naming.NamingException

Specified by:

listBindings in interface javax.naming.Context

Throws:

javax.naming.NamingException

rename

public void rename(java.lang.String oldName,
                   java.lang.String newName)
            throws javax.naming.NamingException

Specified by:

rename in interface javax.naming.Context

Throws:

javax.naming.NamingException

rename

public void rename(javax.naming.Name oldName,
                   javax.naming.Name newName)
            throws javax.naming.NamingException

Specified by:

rename in interface javax.naming.Context

Throws:

javax.naming.NamingException

bind

public void bind(java.lang.String name,
                 java.lang.Object obj)
          throws javax.naming.NamingException

Specified by:

bind in interface javax.naming.Context

Throws:

javax.naming.NamingException

bind

public void bind(javax.naming.Name name,
                 java.lang.Object obj)
          throws javax.naming.NamingException

Specified by:

bind in interface javax.naming.Context

Throws:

javax.naming.NamingException

rebind

public void rebind(java.lang.String name,
                   java.lang.Object obj)
            throws javax.naming.NamingException

Specified by:

rebind in interface javax.naming.Context

Throws:

javax.naming.NamingException

rebind

public void rebind(javax.naming.Name name,
                   java.lang.Object obj)
            throws javax.naming.NamingException

Specified by:

rebind in interface javax.naming.Context

Throws:

javax.naming.NamingException

destroySubcontext

public void destroySubcontext(java.lang.String name)
                       throws javax.naming.NamingException

Specified by:

destroySubcontext in interface javax.naming.Context

Throws:

javax.naming.NamingException

destroySubcontext

public void destroySubcontext(javax.naming.Name name)
                       throws javax.naming.NamingException

Specified by:

destroySubcontext in interface javax.naming.Context

Throws:

javax.naming.NamingException

unbind

public void unbind(java.lang.String name)
            throws javax.naming.NamingException

Specified by:

unbind in interface javax.naming.Context

Throws:

javax.naming.NamingException

unbind

public void unbind(javax.naming.Name name)
            throws javax.naming.NamingException

Specified by:

unbind in interface javax.naming.Context

Throws:

javax.naming.NamingException

createSubcontext

public javax.naming.Context createSubcontext(java.lang.String name)
                                      throws javax.naming.NamingException

Specified by:

createSubcontext in interface javax.naming.Context

Throws:

javax.naming.NamingException

createSubcontext

public javax.naming.Context createSubcontext(javax.naming.Name name)
                                      throws javax.naming.NamingException

Specified by:

createSubcontext in interface javax.naming.Context

Throws:

javax.naming.NamingException

lookup

public java.lang.Object lookup(java.lang.String name)
                        throws javax.naming.NamingException

Specified by:

lookup in interface javax.naming.Context

Throws:

javax.naming.NamingException

lookup

public java.lang.Object lookup(javax.naming.Name name)
                        throws javax.naming.NamingException

Specified by:

lookup in interface javax.naming.Context

Throws:

javax.naming.NamingException

lookupLink

public java.lang.Object lookupLink(java.lang.String name)
                            throws javax.naming.NamingException

Specified by:

lookupLink in interface javax.naming.Context

Throws:

javax.naming.NamingException

lookupLink

public java.lang.Object lookupLink(javax.naming.Name name)
                            throws javax.naming.NamingException

Specified by:

lookupLink in interface javax.naming.Context

Throws:

javax.naming.NamingException

getNameParser

public javax.naming.NameParser getNameParser(java.lang.String name)
                                      throws javax.naming.NamingException

Specified by:

getNameParser in interface javax.naming.Context

Throws:

javax.naming.NamingException

getNameParser

public javax.naming.NameParser getNameParser(javax.naming.Name name)
                                      throws javax.naming.NamingException

Specified by:

getNameParser in interface javax.naming.Context

Throws:

javax.naming.NamingException

composeName

public javax.naming.Name composeName(javax.naming.Name name,
                                     javax.naming.Name prefix)
                              throws javax.naming.NamingException

Specified by:

composeName in interface javax.naming.Context

Throws:

javax.naming.NamingException

composeName

public java.lang.String composeName(java.lang.String name,
                                    java.lang.String prefix)
                             throws javax.naming.NamingException

Specified by:

composeName in interface javax.naming.Context

Throws:

javax.naming.NamingException

addToEnvironment

public java.lang.Object addToEnvironment(java.lang.String propName,
                                         java.lang.Object propVal)
                                  throws javax.naming.NamingException

Specified by:

addToEnvironment in interface javax.naming.Context

Throws:

javax.naming.NamingException

removeFromEnvironment

public java.lang.Object removeFromEnvironment(java.lang.String propName)
                                       throws javax.naming.NamingException

Specified by:

removeFromEnvironment in interface javax.naming.Context

Throws:

javax.naming.NamingException

getEnvironment

public java.util.Hashtable getEnvironment()
                                   throws javax.naming.NamingException

Specified by:

getEnvironment in interface javax.naming.Context

Throws:

javax.naming.NamingException

close

public void close()
           throws javax.naming.NamingException

Specified by:

close in interface javax.naming.Context

Throws:

javax.naming.NamingException

getNameInNamespace

public java.lang.String getNameInNamespace()
                                    throws javax.naming.NamingException

Specified by:

getNameInNamespace in interface javax.naming.Context

Throws:

javax.naming.NamingException

setPrincipal

protected void setPrincipal(java.lang.Object principal)

isAuthenticated

public boolean isAuthenticated()

Description copied from interface: SecurityContext

True if authenticated

Specified by:

isAuthenticated in interface SecurityContext

Returns:

true if there is an authenticated user.

isUserInRole

public boolean isUserInRole(java.lang.String roleName)

Description copied from interface: SecurityContext

True if user is in the specified role

Specified by:

isUserInRole in interface SecurityContext

Returns:

true if current user in the role.

getUserRoles

public java.lang.String[] getUserRoles()

Description copied from interface: SecurityContext

A list of role names in the Subject

Specified by:

getUserRoles in interface SecurityContext

Returns:

a list of role principal names

getSubject

public javax.security.auth.Subject getSubject()

Description copied from interface: SecurityContext

Retrieves the subject in the SecurityContext or AccessController context.

Specified by:

getSubject in interface SecurityContext

Returns:

the current Subject

getAuthorizationSubject

public final javax.security.auth.Subject getAuthorizationSubject()

Get the current authorization subject.

Returns:

the subject.

setAuthorizationSubject

@Concealed
public final void setAuthorizationSubject(javax.security.auth.Subject subject)

getAuthorizationPrincipal

public final java.security.Principal getAuthorizationPrincipal()

Get the current authorizationn principal.

Returns:

the principal.

isAnyoneEnabled

public boolean isAnyoneEnabled()

Description copied from interface: SecurityContext

Internal: Applications should not use this class. True if anyone role is enable

Specified by:

isAnyoneEnabled in interface SecurityContext

Returns:

true if authorization check should be performed.

createPermissionInstance

public java.security.Permission createPermissionInstance(java.util.Hashtable values)

Description copied from interface: SecurityContext

Create a FunctionPermission, DataPermission or Permission. The hashtable specfied the permission types, privilge name and namespace.

Specified by:

createPermissionInstance in interface SecurityContext

Returns:

a permission instance

isXSMode

public boolean isXSMode()

Description copied from interface: SecurityContext

True is using DB Extensible Security (XS)

Specified by:

isXSMode in interface SecurityContext

attachToLightweightSession

public boolean attachToLightweightSession(java.sql.Connection conn)

Description copied from interface: SecurityContext

Attach connection to lightweight XS session

Specified by:

attachToLightweightSession in interface SecurityContext

detachFromLightweightSession

public boolean detachFromLightweightSession()

Description copied from interface: SecurityContext

Detach connection from lightweight XS session

Specified by:

detachFromLightweightSession in interface SecurityContext

getAttachedLightweightSession

public java.lang.Object getAttachedLightweightSession()

Description copied from interface: SecurityContext

Return the attached lightweight XS session

Specified by:

getAttachedLightweightSession in interface SecurityContext

isReAuthenticated

public boolean isReAuthenticated(long time)

Description copied from interface: SecurityContext

True if re-authenticated since last time

Specified by:

isReAuthenticated in interface SecurityContext

showPrincipals

protected void showPrincipals()

internalGetAuthenticated

protected java.lang.Boolean internalGetAuthenticated()

internalSetAuthenticated

protected void internalSetAuthenticated()

internalSetPolicyContextId

protected void internalSetPolicyContextId(java.lang.String appId)

internalGetPolicyContextId

protected java.lang.String internalGetPolicyContextId()

internalGet

protected java.lang.Object internalGet(java.lang.String key)

Overrides:

internalGet in class SecurityContextMap

setUserAssertion

@Concealed
public final void setUserAssertion(boolean enableFlag)

For internal use only. Application developers should not use this

isUserAssertion

@Concealed
public final boolean isUserAssertion()

For internal use only. Application developers should not use this