Package org.jboss.security.plugins.auth

Class JASPIServerAuthenticationManager

java.lang.Object

org.jboss.security.plugins.auth.JaasSecurityManagerBase

org.jboss.security.plugins.auth.JASPIServerAuthenticationManager

All Implemented Interfaces:

AuthenticationManager, BaseSecurityManager, RealmMapping, ServerAuthenticationManager, SubjectSecurityManager

public class JASPIServerAuthenticationManager
extends JaasSecurityManagerBase
implements ServerAuthenticationManager

Author:

Anil.Saldhana@redhat.com

Constructor Summary

Constructors

Constructor	Description
JASPIServerAuthenticationManager()
JASPIServerAuthenticationManager(String securityDomain, CallbackHandler handler)

Method Summary

Modifier and Type	Method	Description
void	cleanSubject(javax.security.auth.message.MessageInfo messageInfo, Subject subject, String layer, String appContext, CallbackHandler handler)	Remove method specific principals and credentials from the subject.
boolean	isValid(javax.security.auth.message.MessageInfo messageInfo, Subject clientSubject, String layer, String appContext, CallbackHandler callbackHandler)	Authenticate a Subject given the request response JSR-196(JASPI) messages.
boolean	isValid(javax.security.auth.message.MessageInfo requestMessage, Subject clientSubject, String layer, CallbackHandler handler)	Authenticate a Subject given the request response JSR-196(JASPI) messages.
void	secureResponse(javax.security.auth.message.MessageInfo messageInfo, Subject serviceSubject, String layer, String appContext, CallbackHandler handler)	Secures the response encapsulated in the specified MessageInfo object.

Methods inherited from class org.jboss.security.plugins.auth.JaasSecurityManagerBase

doesUserHaveRole, getActiveSubject, getPrincipal, getSecurityDomain, getTargetPrincipal, getUserRoles, isValid, isValid, logout, setAuthorizationManager, setDeepCopySubjectOption

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.jboss.security.AuthenticationManager

getActiveSubject, getTargetPrincipal, isValid, isValid, logout

Methods inherited from interface org.jboss.security.BaseSecurityManager

getSecurityDomain

Constructor Detail

JASPIServerAuthenticationManager

public JASPIServerAuthenticationManager()

JASPIServerAuthenticationManager

public JASPIServerAuthenticationManager(String securityDomain,
                                        CallbackHandler handler)

Method Detail

isValid

public boolean isValid(javax.security.auth.message.MessageInfo requestMessage,
                       Subject clientSubject,
                       String layer,
                       CallbackHandler handler)

Description copied from interface: ServerAuthenticationManager

Authenticate a Subject given the request response JSR-196(JASPI) messages.

If any AuthException is thrown during the processing it will be available through SecurityContext context data with a key javax.security.auth.message.AuthException.

Specified by:

isValid in interface ServerAuthenticationManager

clientSubject - Pre-created or null subject

layer - Message Layer for the JASPI (Optional): Default: HTTP

handler - CallbackHandler

Returns:

true if client subject is valid, false otherwise

isValid

public boolean isValid(javax.security.auth.message.MessageInfo messageInfo,
                       Subject clientSubject,
                       String layer,
                       String appContext,
                       CallbackHandler callbackHandler)

Description copied from interface: ServerAuthenticationManager

Authenticate a Subject given the request response JSR-196(JASPI) messages.

If any AuthException is thrown during the processing it will be available through SecurityContext context data with a key javax.security.auth.message.AuthException.

Specified by:

isValid in interface ServerAuthenticationManager

Parameters:

messageInfo - the object that contains the request and response messages.

clientSubject - the client subject.

layer - the message layer for JASPI.

appContext - the JASPI application context.

callbackHandler - the callback handler instance.

Returns:

true if the client subject is valid; false otherwise.

secureResponse

public void secureResponse(javax.security.auth.message.MessageInfo messageInfo,
                           Subject serviceSubject,
                           String layer,
                           String appContext,
                           CallbackHandler handler)

Description copied from interface: ServerAuthenticationManager

Secures the response encapsulated in the specified MessageInfo object.

If any AuthException is thrown during the processing it will be available through SecurityContext context data with a key javax.security.auth.message.AuthException.

Specified by:

secureResponse in interface ServerAuthenticationManager

Parameters:

messageInfo - the object that contains the request and response messages.

serviceSubject - an optional server Subject instance.

layer - the JASPI message layer.

appContext - the JASPI application context.

handler - the CallbackHandler instance that can be used to obtain further information (such as keys) to secure the response message.

cleanSubject

public void cleanSubject(javax.security.auth.message.MessageInfo messageInfo,
                         Subject subject,
                         String layer,
                         String appContext,
                         CallbackHandler handler)

Description copied from interface: ServerAuthenticationManager

Remove method specific principals and credentials from the subject.

Specified by:

cleanSubject in interface ServerAuthenticationManager

Parameters:

messageInfo - the object that contains the request and response messages.

subject - the subject to be cleaned.

layer - the message layer for JASPI.

appContext - the JASPI application context.

handler - the callback handler instance.