/** Validate that the given credential is correct for principal. This returns the value from invoking isValid(principal, credential, null). @param principal - the security domain principal attempting access @param credential - the proof of identity offered by the principal @return true if the principal was authenticated, false otherwise. */ public boolean isValid(Principal principal, Object credential) { return isValid(principal, credential, null); }
DomainInfo cacheInfo = getCacheInfo(principal, true); if (trace) log.trace("Begin isValid, principal:" + principal + ", cache info: " + cacheInfo); isValid = validateCache(cacheInfo, credential, activeSubject); cacheInfo.release(); isValid = authenticate(principal, credential, activeSubject); isValid = authenticate(principal, credential, activeSubject);
LoginContext lc = defaultLogin(principal, credential); subject = lc.getSubject(); updateCache(lc, subject, principal, credential);
/** Map the argument principal from the deployment environment principal to the developer environment. This is called by the EJB context getCallerPrincipal() to return the Principal as described by the EJB developer domain. @return a Principal object that is valid in the deployment environment if one exists. If no Subject exists or the Subject has no principals then the argument principal is returned. */ public Principal getPrincipal(Principal principal) { if (domainCache == null) return principal; Principal result = principal; // Get the CallerPrincipal group member synchronized (domainCache) { DomainInfo info = getCacheInfo(principal, false); if (trace) log.trace("getPrincipal, cache info: " + info); if (info != null) { result = info.callerPrincipal; // If the mapping did not have a callerPrincipal just use principal if (result == null) result = principal; info.release(); } } return result; }