- All Superinterfaces:
public interface SubjectSecurityContext extends SecurityContext
Security context that allows establishing a subject before a resource method or a sub-resource locator is called. Container or filters should set an implementation of this interface to the request context using
ContainerRequest.setSecurityContext(jakarta.ws.rs.core.SecurityContext). When Jersey detects this kind of context is in the request scope, it will use
doAsSubject(java.security.PrivilegedAction)method to dispatch the request to a resource method (or to call a sub-resource locator).
- Martin Matula, Jakub Podlesak, Marek Potociar
doAsSubjectJersey wraps calls to resource methods and sub-resource locators in
PrivilegedActioninstance and passes it to this method when dispatching a request. Implementations should do the needful to establish a
Subjectand invoke the
PrivilegedActionpassed as the parameter using
The privileged action passed into the method may, when invoked, fail with either
ProcessingException. Both these exceptions must be propagated to the caller without a modification.
PrivilegedActionthat represents a resource or sub-resource locator method invocation to be executed by this method after establishing a subject.
- result of the action.
NullPointerException- if the
SecurityException- if the caller does not have permission to invoke the
WebApplicationException- propagated exception from the privileged action. May be thrown in case the invocation of resource or sub-resource locator method in the privileged action results in this exception.
ProcessingException- propagated exception from the privileged action. May be thrown in case the invocation of resource or sub-resource locator method in the privileged action has failed or resulted in a non-checked exception.