Interface UserIdentity

All Known Subinterfaces:
UserIdentity.UnauthenticatedUserIdentity
All Known Implementing Classes:
DefaultUserIdentity, OpenIdUserIdentity, SpnegoUserIdentity

public interface UserIdentity
User object that encapsulates user identity and operations such as run-as-role actions, checking isUserInRole and getUserPrincipal.

Implementations of UserIdentity should be immutable so that they may be cached by Authenticators and LoginServices.

  • Field Details

    • UNAUTHENTICATED_IDENTITY

      static final UserIdentity UNAUTHENTICATED_IDENTITY
  • Method Details

    • getSubject

      Subject getSubject()
      Returns:
      The user subject
    • getUserPrincipal

      Principal getUserPrincipal()
      Returns:
      The user principal
    • isUserInRole

      boolean isUserInRole(String role, UserIdentity.Scope scope)
      Check if the user is in a role. This call is used to satisfy authorization calls from container code which will be using translated role names.
      Parameters:
      role - A role name.
      scope - the scope
      Returns:
      True if the user can act in that role.