public interface PrincipalManager
A Principal
is an object used to connect to any kind
of security mechanism. Example for this are the
login modules
that use principals
to process the login procedure.
A principal can be a member of a GroupPrincipal
. A
group is a principal itself and can therefore be a member of a group again.
Please note the following security considerations that need to be respected
when implementing the PrincipalManager: All principals returned by this
manager as well as GroupPrincipal.members()
must respect access
restrictions that may be present for the Session
this manager
has been built for. The same applies for
getGroupMembership(Principal)
.
Since Jackrabbit 2.18, a new interface has been introduced to represent the
concept of a group of principals: GroupPrincipal
, alongside
java.security.acl.Group
which is deprecated to be deleted. Until the
final deletion of java.security.acl.Group
, the 2 interfaces will be
used concurrently for backwards compatibility reasons. See JCR-4249 for more
details.
Modifier and Type | Field and Description |
---|---|
static int |
SEARCH_TYPE_ALL
Filter flag indicating that all
Principal s should be search
irrespective whether they represent a group of Principals or not. |
static int |
SEARCH_TYPE_GROUP
Filter flag indicating that only
Principal s that represent
a group of Principals should be searched and returned. |
static int |
SEARCH_TYPE_NOT_GROUP
Filter flag indicating that only
Principal s that do NOT
represent a group should be searched and returned. |
Modifier and Type | Method and Description |
---|---|
@NotNull PrincipalIterator |
findPrincipals(@Nullable java.lang.String simpleFilter)
Gets the principals matching a simple filter expression applied against
the
principal name . |
@NotNull PrincipalIterator |
findPrincipals(@Nullable java.lang.String simpleFilter,
int searchType)
Gets the principals matching a simple filter expression applied against
the
principal name AND the specified search
type. |
@NotNull java.security.Principal |
getEveryone()
Returns the
Principal which is implicitly applied to
every subject. |
@NotNull PrincipalIterator |
getGroupMembership(@NotNull java.security.Principal principal)
Returns an iterator over all group principals for which the given
principal is either direct or indirect member of.
|
@Nullable java.security.Principal |
getPrincipal(@NotNull java.lang.String principalName)
Returns the principal with the given name if is known to this manager
(with respect to the sessions access rights).
|
@NotNull PrincipalIterator |
getPrincipals(int searchType)
Returns all
Principal s matching the specified search type. |
boolean |
hasPrincipal(@NotNull java.lang.String principalName)
Checks if the principal with the given name is known to this manager
(in respect to the sessions access rights).
|
static final int SEARCH_TYPE_NOT_GROUP
Principal
s that do NOT
represent a group should be searched and returned.static final int SEARCH_TYPE_GROUP
Principal
s that represent
a group of Principals should be searched and returned.static final int SEARCH_TYPE_ALL
Principal
s should be search
irrespective whether they represent a group of Principals or not.boolean hasPrincipal(@NotNull @NotNull java.lang.String principalName)
true
then the following expression evaluates to true
as well: PrincipalManager.getPrincipal(name).getName().equals(name)
principalName
- the name of the principal to checktrue
if the principal with this name is known
to this manager; false
otherwise.@Nullable @Nullable java.security.Principal getPrincipal(@NotNull @NotNull java.lang.String principalName)
PrincipalManager
has been built for.principalName
- the name of the principal to retrievenull
if a
principal with the given name does not exist or is not accessible
for the editing session.@NotNull @NotNull PrincipalIterator findPrincipals(@Nullable @Nullable java.lang.String simpleFilter)
principal name
.
TODO: define the filter expression.simpleFilter
- PrincipalIterator
over the Principal
s
matching the given filter.@NotNull @NotNull PrincipalIterator findPrincipals(@Nullable @Nullable java.lang.String simpleFilter, int searchType)
principal name
AND the specified search
type.
TODO: define the filter expression.simpleFilter
- searchType
- Any of the following constants:
PrincipalIterator
over the Principal
s
matching the given filter and search type.@NotNull @NotNull PrincipalIterator getPrincipals(int searchType)
Principal
s matching the specified search type.searchType
- Any of the following constants:
PrincipalIterator
over all the Principal
s
matching the given search type.@NotNull @NotNull PrincipalIterator getGroupMembership(@NotNull @NotNull java.security.Principal principal)
Example:
If Principal P is member of Group A, and Group A is member of
Group B, this method will return Principal A and Principal B.
principal
- the principal to return it's membership from.@NotNull @NotNull java.security.Principal getEveryone()
Principal
which is implicitly applied to
every subject.Copyright © 2010 - 2020 Adobe. All Rights Reserved