Class SecurityContext

java.lang.Object
jakarta.resource.spi.work.SecurityContext
All Implemented Interfaces:
WorkContext, Serializable

public abstract class SecurityContext extends Object implements WorkContext
A standard WorkContext that allows a Work instance to propagate security related context information from an EIS to an application server.

This allows an EIS/resource adapter to flow-in security context information and execute a Work instance, and call methods on a MessageEndpoint interface, to effect message inflow, within that Work instance, in the context of an established identity.

A resource adapter indicates to the WorkManager, that a Work instance needs to be run in a specified security execution context by submitting a Work instance that implements WorkContextProvider interface and ensuring that the List of WorkContexts for that Work instance contains an instance of its subclass of SecurityContext.

It should be noted however that when a resource adapter flows-in an identity to be used by the application server, the propagated identity may or may not belong to the application server's security domain.

There are therefore, two scenarios while a resource adapter propagates a security identity from an EIS to the application server:

  • Case 1: Resource adapter flows-in an identity in the application server's security domain: In this case, the application server could just set the initiating principal, flown-in from the resource adapter, as the security context the Work instance executes as.
  • Case 2: Resource adapter flows-in an identity belonging to the EIS' security domain: The resource adapter establishes a connection to the EIS and needs to perform a Work in the context of an EIS identity. In this case, the initiating or caller principal does not exist in the application server's security domain and a translation from one domain to the other needs to be performed.

Since:
1.6
See Also: