org.alfresco.repo.security.authentication
Interface AlfrescoSecureContext

All Superinterfaces:
net.sf.acegisecurity.context.Context, net.sf.acegisecurity.context.security.SecureContext, java.io.Serializable
All Known Implementing Classes:
AlfrescoSecureContextImpl

public interface AlfrescoSecureContext
extends net.sf.acegisecurity.context.security.SecureContext

Extensions for the Alfresco security context. This is based on the Linux model and supports real, effective and stored authorities The real authority is used for auditing and reporting who the user is etc. The effective authority is used for permission checks. RunAs support leaves the real authority and changes only the effective authority That means "special" code can run code as system but still be audited as Joe In the future scrips etc can support a setUId flag and run as the owner of the script. If the script chooses to do this .... A method invocation could do the same (after entry security checks) TODO: extent runAs to take a nodeRef context - it can then set the stored atc and set this as effective if required.


Method Summary
 net.sf.acegisecurity.Authentication getEffectiveAuthentication()
          Get the effective authentication - used for permission checks
 net.sf.acegisecurity.Authentication getRealAuthentication()
          Get the real authenticaiton - used for auditing and everything else
 void setEffectiveAuthentication(net.sf.acegisecurity.Authentication effictiveAuthentication)
          Set the effective authentication held by the context
 void setRealAuthentication(net.sf.acegisecurity.Authentication realAuthentication)
          Set the real authentication held by the context
 
Methods inherited from interface net.sf.acegisecurity.context.security.SecureContext
getAuthentication, setAuthentication
 
Methods inherited from interface net.sf.acegisecurity.context.Context
validate
 

Method Detail

getEffectiveAuthentication

net.sf.acegisecurity.Authentication getEffectiveAuthentication()
Get the effective authentication - used for permission checks

Returns:

getRealAuthentication

net.sf.acegisecurity.Authentication getRealAuthentication()
Get the real authenticaiton - used for auditing and everything else

Returns:

setEffectiveAuthentication

void setEffectiveAuthentication(net.sf.acegisecurity.Authentication effictiveAuthentication)
Set the effective authentication held by the context

Parameters:
effictiveAuthentication -

setRealAuthentication

void setRealAuthentication(net.sf.acegisecurity.Authentication realAuthentication)
Set the real authentication held by the context

Parameters:
realAuthentication -


Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.