Package org.glassfish.jersey.server

Interface SubjectSecurityContext

All Superinterfaces:

SecurityContext

public interface SubjectSecurityContext
extends SecurityContext

Security context that allows establishing a subject before a resource method or a sub-resource locator is called. Container or filters should set an implementation of this interface to the request context using ContainerRequest.setSecurityContext(jakarta.ws.rs.core.SecurityContext). When Jersey detects this kind of context is in the request scope, it will use doAsSubject(java.security.PrivilegedAction) method to dispatch the request to a resource method (or to call a sub-resource locator).

Author:

Martin Matula, Jakub Podlesak, Marek Potociar

Field Summary

Fields inherited from interface jakarta.ws.rs.core.SecurityContext

BASIC_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH, FORM_AUTH

Method Summary

Modifier and Type	Method	Description
Object	doAsSubject(PrivilegedAction action)	Jersey wraps calls to resource methods and sub-resource locators in PrivilegedAction instance and passes it to this method when dispatching a request.

Methods inherited from interface jakarta.ws.rs.core.SecurityContext

getAuthenticationScheme, getUserPrincipal, isSecure, isUserInRole

Method Details

doAsSubject

Object doAsSubject(PrivilegedAction action)

Jersey wraps calls to resource methods and sub-resource locators in PrivilegedAction instance and passes it to this method when dispatching a request. Implementations should do the needful to establish a Subject and invoke the PrivilegedAction passed as the parameter using Subject.doAs(javax.security.auth.Subject, java.security.PrivilegedAction).

The privileged action passed into the method may, when invoked, fail with either WebApplicationException or ProcessingException. Both these exceptions must be propagated to the caller without a modification.

Parameters:

action - PrivilegedAction that represents a resource or sub-resource locator method invocation to be executed by this method after establishing a subject.

Returns:

result of the action.

Throws:

NullPointerException - if the PrivilegedAction is null.

SecurityException - if the caller does not have permission to invoke the Subject#doAs(Subject, PrivilegedAction) method.

WebApplicationException - propagated exception from the privileged action. May be thrown in case the invocation of resource or sub-resource locator method in the privileged action results in this exception.

ProcessingException - propagated exception from the privileged action. May be thrown in case the invocation of resource or sub-resource locator method in the privileged action has failed or resulted in a non-checked exception.