Package javax.ws.rs.core
Interface SecurityContext
-
public interface SecurityContext
An injectable interface that provides access to security related information.- Since:
- 1.0
- Author:
- Paul Sandoz, Marc Hadley
- See Also:
Context
-
-
Field Summary
Fields Modifier and Type Field Description static String
BASIC_AUTH
String identifier for Basic authentication.static String
CLIENT_CERT_AUTH
String identifier for Client Certificate authentication.static String
DIGEST_AUTH
String identifier for Digest authentication.static String
FORM_AUTH
String identifier for Form authentication.
-
Method Summary
Modifier and Type Method Description String
getAuthenticationScheme()
Returns the string value of the authentication scheme used to protect the resource.Principal
getUserPrincipal()
Returns ajava.security.Principal
object containing the name of the current authenticated user.boolean
isSecure()
Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.boolean
isUserInRole(String role)
Returns a boolean indicating whether the authenticated user is included in the specified logical "role".
-
-
-
Field Detail
-
BASIC_AUTH
static final String BASIC_AUTH
String identifier for Basic authentication. Value "BASIC"- See Also:
- Constant Field Values
-
CLIENT_CERT_AUTH
static final String CLIENT_CERT_AUTH
String identifier for Client Certificate authentication. Value "CLIENT_CERT"- See Also:
- Constant Field Values
-
DIGEST_AUTH
static final String DIGEST_AUTH
String identifier for Digest authentication. Value "DIGEST"- See Also:
- Constant Field Values
-
FORM_AUTH
static final String FORM_AUTH
String identifier for Form authentication. Value "FORM"- See Also:
- Constant Field Values
-
-
Method Detail
-
getUserPrincipal
Principal getUserPrincipal()
Returns ajava.security.Principal
object containing the name of the current authenticated user. If the user has not been authenticated, the method returns null.- Returns:
- a
java.security.Principal
containing the name of the user making this request; null if the user has not been authenticated - Throws:
IllegalStateException
- if called outside the scope of a request
-
isUserInRole
boolean isUserInRole(String role)
Returns a boolean indicating whether the authenticated user is included in the specified logical "role". If the user has not been authenticated, the method returnsfalse
.- Parameters:
role
- aString
specifying the name of the role- Returns:
- a
boolean
indicating whether the user making the request belongs to a given role;false
if the user has not been authenticated - Throws:
IllegalStateException
- if called outside the scope of a request
-
isSecure
boolean isSecure()
Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.- Returns:
true
if the request was made using a secure channel,false
otherwise- Throws:
IllegalStateException
- if called outside the scope of a request
-
getAuthenticationScheme
String getAuthenticationScheme()
Returns the string value of the authentication scheme used to protect the resource. If the resource is not authenticated, null is returned. Values are the same as the CGI variable AUTH_TYPE- Returns:
- one of the static members BASIC_AUTH, FORM_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH (suitable for == comparison) or the container-specific string indicating the authentication scheme, or null if the request was not authenticated.
- Throws:
IllegalStateException
- if called outside the scope of a request
-
-