public class SecurityContext
extends java.lang.Object
AppContext
by the framework, but also have to be
passed to it in case of manually running new threads. Here is the sample code for an asynchronous execution:
final SecurityContext securityContext = AppContext.getSecurityContext();
executor.submit(new Runnable() {
public void run() {
AppContext.setSecurityContext(securityContext);
// business logic here
}
});
SecurityContextAwareRunnable
or SecurityContextAwareCallable
wrappers, for example:
executor.submit(new SecurityContextAwareRunnable<>(() -> {
// business logic here
}));
or
Future<String> future = executor.submit(new SecurityContextAwareCallable<>(() -> {
// business logic here
return some_string;
}));
Constructor and Description |
---|
SecurityContext(UserSession session) |
SecurityContext(java.util.UUID sessionId) |
SecurityContext(java.util.UUID sessionId,
java.lang.String user) |
Modifier and Type | Method and Description |
---|---|
UserSession |
getSession() |
java.util.UUID |
getSessionId() |
java.lang.String |
getUser() |
boolean |
isAuthorizationRequired() |
void |
setAuthorizationRequired(boolean authorizationRequired)
Whether the security check is required for standard mechanisms (
DataManager in particular) on
the middleware. |
java.lang.String |
toString() |
public SecurityContext(java.util.UUID sessionId)
public SecurityContext(java.util.UUID sessionId, java.lang.String user)
public SecurityContext(UserSession session)
public java.util.UUID getSessionId()
UserSession
ID. This is the only required value for the SecurityContext
.@Nullable public UserSession getSession()
UserSessionSource
@Nullable public java.lang.String getUser()
UserSessionSource
public boolean isAuthorizationRequired()
DataManager
in particular) on
the middlewarepublic void setAuthorizationRequired(boolean authorizationRequired)
DataManager
in particular) on
the middleware. Example usage:
boolean saved = AppContext.getSecurityContext().isAuthorizationRequired();
AppContext.getSecurityContext().setAuthorizationRequired(true);
try {
// all calls to DataManager will apply security restrictions
} finally {
AppContext.getSecurityContext().setAuthorizationRequired(saved);
}
public java.lang.String toString()
toString
in class java.lang.Object