class SecurityContext
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
private int[] |
accList
combined rights check list
|
private SecurityCache |
cache
security cache this context stack is bound to
|
private java.lang.Object |
cleanupLock
Lock to avoid the cleanup to take place simultaneusly.
|
private java.util.Map[] |
decisionCache
caches access decisions made under this context
|
private int[] |
groupId
saved groupIds
|
private int[] |
grpsAcc
indices of group accounts
|
private boolean |
isInitial
flags the initial security context
|
private int |
procAcc
index of process account
|
private int |
procId
saved procId
|
private SessionToken |
sessionToken
unique session token for this security context
|
(package private) static int |
SYSTEM_SESSION
Reserved session ID for system threads
|
private java.util.concurrent.ConcurrentMap<ContextKey,java.lang.Object> |
tokenMap
a map of arbitrary tokens that are associated with the context
|
private java.util.concurrent.atomic.AtomicInteger |
use
use count for this context
|
private int |
userAcc
index of user account
|
private int |
userId
saved userId
|
Modifier | Constructor and Description |
---|---|
(package private) |
SecurityContext(SecurityCache cache,
int proc,
int user,
int[] groups,
int nres,
boolean initial)
Package private constructor used to create a system session context.
|
(package private) |
SecurityContext(SecurityCache cache,
int proc,
int user,
int[] groups,
int nres,
int session,
java.lang.String subject)
Package private constructor used to create a user or system session
context.
|
private |
SecurityContext(SecurityCache cache,
int proc,
int user,
int[] groups,
int nres,
int session,
java.lang.String subject,
boolean initial)
Private rivate constructor used to create a user or system session
context.
|
Modifier and Type | Method and Description |
---|---|
(package private) boolean |
addToken(ContextKey key,
java.lang.Object token)
Adds a token to the context map.
|
(package private) void |
assign()
Marks this security context as assigned by incrementing its use count.
|
(package private) void |
cleanup()
Finalizes this security context.
|
private void |
cleanupWorker(boolean reset)
Actual worker which fully cleans or just resets the context-local data.
|
private static java.util.Set<ContextKey> |
cleanupWorker(boolean reset,
java.util.Map<ContextKey,java.lang.Object> tm)
Actual worker which fully cleans or just resets the copy of the context-local data.
|
(package private) SecurityCache |
getCache()
Gets the security cache this context is bound to.
|
(package private) int[] |
getCheckList()
Gets the array of accounts associated with this context.
|
(package private) java.util.Map[] |
getDecisionCache()
Gets the access decision cache.
|
(package private) int[] |
getIdList()
Gets the array of original subject IDs of this context.
|
(package private) int |
getProcessOrdinal()
Gets process account index.
|
(package private) int |
getSessionId()
Gets session ID.
|
(package private) SessionToken |
getSessionToken()
Gets session token.
|
(package private) java.lang.Object |
getToken(ContextKey key)
Gets the token from the context map.
|
(package private) int |
getUserOrdinal()
Gets user account index.
|
(package private) boolean |
hasToken(ContextKey key)
Checks whether the specified token is in the context map.
|
(package private) boolean |
isInitial()
Checks whether this context is initial.
|
(package private) boolean |
removeToken(ContextKey key)
Remove a token from the context map.
|
(package private) void |
reset()
Reset this security context.
|
private static void |
reset(java.lang.Object payload)
Reset the object if applicable
|
(package private) void |
transferAllTokens(SecurityContext other)
Copies all tokens to the given context and clears the token map of the
current instance.
|
(package private) boolean |
unassign()
Marks this security context as unassigned by decrementing its use count.
|
static final int SYSTEM_SESSION
private final boolean isInitial
private final int procAcc
private final int userAcc
private final int[] grpsAcc
private final int[] accList
private final java.util.concurrent.atomic.AtomicInteger use
private final java.util.Map[] decisionCache
private final int procId
private final int userId
private final int[] groupId
private final java.util.concurrent.ConcurrentMap<ContextKey,java.lang.Object> tokenMap
private final SecurityCache cache
private final SessionToken sessionToken
private final java.lang.Object cleanupLock
SecurityContext(SecurityCache cache, int proc, int user, int[] groups, int nres, int session, java.lang.String subject)
cache
- security cache to bind this context toproc
- index of the process account or -1user
- index of the user account or -1groups
- array of indices of the group accounts or nullnres
- number of registered resourcessession
- Unique session ID for this contextsubject
- Subject authenticated in this context. This can only be
null
when the session
is set to the
SYSTEM_SESSION
.java.lang.NullPointerException
- if the subject
is null and this is not a system
session.SecurityContext(SecurityCache cache, int proc, int user, int[] groups, int nres, boolean initial)
cache
- security cache to bind this context toproc
- index of the process account or -1user
- index of the user account or -1groups
- array of indices of the group accounts or nullnres
- number of registered resourcesinitial
- flag for initial security contextprivate SecurityContext(SecurityCache cache, int proc, int user, int[] groups, int nres, int session, java.lang.String subject, boolean initial)
cache
- security cache to bind this context toproc
- index of the process account or -1user
- index of the user account or -1groups
- array of indices of the group accounts or nullnres
- number of registered resourcessession
- Unique session ID for this contextsubject
- Subject authenticated in this context. This can only be
null
when the session
is set to the
SYSTEM_SESSION
.initial
- flag for initial security contextjava.lang.NullPointerException
- if the subject
is null and this is not a system
session.void assign()
boolean unassign()
true
if the use count has reached 0, otherwise
false
int[] getCheckList()
int[] getIdList()
boolean isInitial()
true
if this context is initialint getProcessOrdinal()
int getUserOrdinal()
int getSessionId()
SessionToken getSessionToken()
java.util.Map[] getDecisionCache()
SecurityCache getCache()
SecurityCache
boolean addToken(ContextKey key, java.lang.Object token)
key
- token key to be used as a key in the maptoken
- an arbitrary object to be kept in the entrytrue
if the token is added successfullyboolean removeToken(ContextKey key)
key
- token key to be used as a key in the maptrue
if the token was removed successfullyboolean hasToken(ContextKey key)
key
- token key to be used as a key in the maptrue
if the token is foundjava.lang.Object getToken(ContextKey key)
key
- token key to be used as a key in the mapnull
void transferAllTokens(SecurityContext other)
void reset()
void cleanup()
private void cleanupWorker(boolean reset)
reset
- When true
, this flag resets the security context; else, full cleanup is
performed.private static java.util.Set<ContextKey> cleanupWorker(boolean reset, java.util.Map<ContextKey,java.lang.Object> tm)
reset
- When true
, this flag resets the security context; else, full cleanup is
performed.tm
- the tokenMap copyprivate static void reset(java.lang.Object payload)
payload
- the object to reset