Package org.wildfly.security.auth.realm

Class DistributedSecurityRealm

java.lang.Object
org.wildfly.security.auth.realm.DistributedSecurityRealm
All Implemented Interfaces:
SecurityRealm
public class DistributedSecurityRealm extends Object implements SecurityRealm
A realm for authentication and authorization of identities distributed between multiple realms.
Author:
Martin Mazanek

  • Constructor Details

    • DistributedSecurityRealm

      public DistributedSecurityRealm(SecurityRealm... securityRealms)

    • DistributedSecurityRealm

      public DistributedSecurityRealm(boolean ignoreUnavailableRealms, Consumer<Integer> unavailableRealmCallback, SecurityRealm... securityRealms)
      Construct a new instance.
      Parameters:
      ignoreUnavailableRealms - allow to specify that the search should continue on to the next realm if a realm happens to be unavailable
      unavailableRealmCallback - a callback that can be used to emit realm unavailability, can be null
      securityRealms - references to one or more security realms for authentication and authorization

  • Method Details

    • getRealmIdentity

      public RealmIdentity getRealmIdentity(Evidence evidence) throws RealmUnavailableException
      Description copied from interface: SecurityRealm
      Get a handle for to the identity for the given evidence in the context of this security realm. Any validation / name mapping is an implementation detail for the realm. The identity may or may not exist. The returned handle must be cleaned up by a call to RealmIdentity.dispose(). Where this method is used to obtain a RealmIdentity prior to evidence verification the method RealmIdentity.getEvidenceVerifySupport(Class, String) will be used to verify if the identity is usable.
      Specified by:
      getRealmIdentity in interface SecurityRealm
      Parameters:
      evidence - an evidence instance which identifies the identity within the realm (must not be null)
      Returns:
      the RealmIdentity for the provided evidence (not null)
      Throws:
      RealmUnavailableException

    • getRealmIdentity

      public RealmIdentity getRealmIdentity(Principal principal) throws RealmUnavailableException
      Description copied from interface: SecurityRealm
      Get a handle for to the identity for the given principal in the context of this security realm. Any validation / name mapping is an implementation detail for the realm. The identity may or may not exist. The returned handle must be cleaned up by a call to RealmIdentity.dispose().
      Specified by:
      getRealmIdentity in interface SecurityRealm
      Parameters:
      principal - the principal which identifies the identity within the realm (must not be null)
      Returns:
      the RealmIdentity for the provided principal (not null)
      Throws:
      RealmUnavailableException

    • getCredentialAcquireSupport

      public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException
      Description copied from interface: SecurityRealm
      Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.
      Specified by:
      getCredentialAcquireSupport in interface SecurityRealm
      Parameters:
      credentialType - the exact credential type (must not be null)
      algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
      parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters
      Returns:
      the level of support for this credential
      Throws:
      RealmUnavailableException - if the realm is not able to handle requests for any reason

    • getEvidenceVerifySupport

      public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName) throws RealmUnavailableException
      Description copied from interface: SecurityRealm
      Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.
      Specified by:
      getEvidenceVerifySupport in interface SecurityRealm
      Parameters:
      evidenceType - the type of evidence to be verified (must not be null)
      algorithmName - the algorithm name, or null if any algorithm is acceptable or the evidence type does not support algorithm names
      Returns:
      the level of support for this evidence type
      Throws:
      RealmUnavailableException - if the realm is not able to handle requests for any reason