com.ibm.sec.authz.jaccplus

Class ApplicationSubject

  1. java.lang.Object
  2. extended bycom.ibm.sec.authz.jaccplus.ApplicationSubject

  1. public class ApplicationSubject
  2. extends java.lang.Object
The container for user ID and group information for use with ApplicationEvaluationContext.

A subject can be set in the context instance as follows:

   ApplicationSubject subj = new ApplicationSubject();
   subj.setUserPrincipal( new ApplicationUserPrincipal( "cn=alice,o=ibm,c=us" ) );
   subj.setGroupPrincipals( new Principal[] { new ApplicationGroupPrincipal( "cn=users,o=ibm,c=us" ) } );
   
   context.getHandlerData().put( ApplicationSubjectContext.SUBJECT_KEY, subj );
 

Note that any instance of Principal can be used, as long as Principal.getName() returns the desired representation of the identity.

Applications can also set an XML representation of an authentication token, such as a WS-Security token, that was used to authenticate the user. This token is sent to the decision engine, and users of TSPM can send this token to a security token service.

See Also:
ApplicationEvaluationContext, Principal, ApplicationUserPrincipal, ApplicationGroupPrincipal

Constructor Summary

Constructor and Description
ApplicationSubject()

Method Summary

Modifier and Type Method and Description
  1. org.w3c.dom.Element
getAuthenticationToken()
This method gets the token used to authenticate.
  1. java.security.Principal[]
getGroupPrincipals()
Gets the principals representing the groups of this subject.
  1. java.security.Principal
getUserPrincipal()
Gets the principal representing the user identity for this subject.
  1. void
setAuthenticationToken(org.w3c.dom.Element token)
This method sets the token used to authenticate this Subject.
  1. void
setGroupPrincipals(java.security.Principal[] prins)
Sets the group principals for this subject.
  1. void
setUserPrincipal(java.security.Principal prin)
Sets the principal representing the user identity for this subject.
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ApplicationSubject

  1. public ApplicationSubject()

Method Detail

getGroupPrincipals

  1. public java.security.Principal[] getGroupPrincipals( )
Gets the principals representing the groups of this subject.
Returns:
the group Principals.

setGroupPrincipals

  1. public void setGroupPrincipals( java.security.Principal[] prins)
Sets the group principals for this subject.
Parameters:
prins - The group principals to set.

getUserPrincipal

  1. public java.security.Principal getUserPrincipal( )
Gets the principal representing the user identity for this subject.
Returns:
the user Principal.

setUserPrincipal

  1. public void setUserPrincipal(java.security.Principal prin)
Sets the principal representing the user identity for this subject.
Parameters:
prin - The user principal to set.

getAuthenticationToken

  1. public org.w3c.dom.Element getAuthenticationToken( )
This method gets the token used to authenticate.
Returns:
the authentication token.

setAuthenticationToken

  1. public void setAuthenticationToken( org.w3c.dom.Element token)
This method sets the token used to authenticate this Subject.
Parameters:
token - To set the authentication token.