javax.security.auth.message.config

Class AuthConfigFactory

java.lang.Object

javax.security.auth.message.config.AuthConfigFactory

Direct Known Subclasses:

JBossAuthConfigFactory

public abstract class AuthConfigFactory
extends Object

This class is used to obtain AuthConfigProvider objects that can be used to obtain authentication context configuration objects, i.e., ClientAuthConfig and ServerAuthConfig objects. Authentication context configuration objects are used to obtain authentication context objects. Authentication context objects, i.e., ClientAuthContext and ServerAuthContex objects encapsulate authentication modules. Authentication modules are pluggable components that perform security-related processing of request and response messages.

Callers do not operate on modules directly. Instead they rely on an authentication context to manage the invocation of modules. A caller obtains an authentication context by calling the getAuthContext method on a ClientAuthConfig or ServerAuthConfig obtained from an AuthConfigProvider.

The following represents a typical sequence of calls for obtaining a client authentication context, and then using it to secure a request.

1. AuthConfigFactory factory = AuthConfigFactory.getFactory();
2. AuthConfigProvider provider = factory.getConfigProvider(layer,appID,null);
3. ClientAuthConfig config = provider.getClientAuthConfig(layer,appID,cbh)
4. String operation = config.getOperation(authParam);
5. ClientAuthContext context = config.getAuthContext(operation,properties);
6. context.secureRequest(authParam,subject,...);

A system-wide AuthConfigFactory implementation can be set by invoking setFactory, and retrieved via getFactory.

Every implementation of this abstract class must offer a public, zero argument constructor. This constructor must support the construction and registration of AuthConfigProviders from a persistent declarative representation.

For example, a factory implementation class could interpret the contents of a file containing a sequence of configuration entries, with one entry per AuthConfigProvider, with each entry representing the following 5 values:

• the fully qualified name of the provider implementation class
• the pathname of the provider initialization file
• the message layer name
• the application context identifier
• the registration description

A value would be required for the implementation class. The remaining values could be optional, and when specified, the contents of the provider initialization file could be required to conform to the syntax defined by http://java.sun.com/dtd/properties.dtd (which can be loaded into a Properties object).

Since:

May 12, 2006

Version:

$Revision$

Author:

Anil Saldhana, Charlie Lai, Ron Monzillo (Javadoc for JSR-196)

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	AuthConfigFactory.RegistrationContext Represents the layer identifier, application context identifier., and description components of an AuthConfigProvider registration at the factory

Field Summary

Fields

Modifier and Type	Field and Description
static String	DEFAULT_FACTORY_SECURITY_PROPERTY

Constructor Summary

Constructors

Constructor and Description
AuthConfigFactory()

Method Summary

Methods

Modifier and Type	Method and Description
abstract String[]	detachListener(RegistrationListener listener, String layer, String appContext) Disassociate the listener from all the provider registrations whose layer and appContext values are matched by the corresponding arguments to this method.
abstract AuthConfigProvider	getConfigProvider(String layer, String appContext, RegistrationListener listener) Get a registered AuthConfigProvider from the factory.
static AuthConfigFactory	getFactory() Get the system-wide AuthConfigFactory implementation.
abstract AuthConfigFactory.RegistrationContext	getRegistrationContext(String registrationID)
abstract String[]	getRegistrationIDs(AuthConfigProvider provider)
abstract void	refresh()
abstract String	registerConfigProvider(AuthConfigProvider provider, String layer, String appContext, String description)
abstract String	registerConfigProvider(String className, Map properties, String layer, String appContext, String description)
abstract boolean	removeRegistration(String registrationID)
static void	setFactory(AuthConfigFactory factory)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_FACTORY_SECURITY_PROPERTY

public static final String DEFAULT_FACTORY_SECURITY_PROPERTY

See Also:

Constant Field Values

Constructor Detail

AuthConfigFactory

public AuthConfigFactory()

Method Detail

detachListener

public abstract String[] detachListener(RegistrationListener listener,
                      String layer,
                      String appContext)

Disassociate the listener from all the provider registrations whose layer and appContext values are matched by the corresponding arguments to this method.

Parameters:

listener - the RegistrationListener to be detached.

layer - a String identifying the message layer or null.

appContext - a String value identifying the application contex or null.

Returns:

getConfigProvider

public abstract AuthConfigProvider getConfigProvider(String layer,
                                   String appContext,
                                   RegistrationListener listener)

Get a registered AuthConfigProvider from the factory. Get the provider of ServerAuthConfig and/or ClientAuthConfig objects registered for the identified message layer and application context.

Parameters:

layer - a String identifying the message layer for which the registered AuthConfigProvider is to be returned. This argument may be null.

appContext - a String that identifys the application messaging context for which the registered AuthConfigProvider is to be returned. This argument may be null.

listener - the RegistrationListener whose notify method is to be invoked if the corresponding registration is unregistered or replaced. The value of this argument may be null.

Returns:

the implementation of the AuthConfigProvider interface registered at the factory for the layer and appContext or null if no AuthConfigProvider is selected.

All factories shall employ the following precedence rules to select the registered AuthConfigProvider that matches the layer and appContext arguments:

• The provider that is specifically registered for both the corresponding message layer and appContext shall be selected.
• if no provider is selected according to the preceding rule, the provider specifically registered for the corresponding appContext and for all message layers shall be selected.
• if no provider is selected according to the preceding rules, the provider specifically registered for the corresponding message layer and for all appContexts shall be selected.
• if no provider is selected according to the preceding rules, the provider registered for all message layers and for all appContexts shall be selected.
• if no provider is selected according to the preceding rules, the factory shall terminate its search for a registered provider.

getFactory

public static AuthConfigFactory getFactory()

Get the system-wide AuthConfigFactory implementation.

If a non-null system-wide factory instance is defined at the time of the call, e.g., with setfactory, it will be returned. Otherwise, an attempt will be made to construct an instance of the default AuthConfigFactory implementation class. The fully qualified class name of the default factory implementation class is obtained from the value of the authconfigprovider.factory security property. When an instance of the defaultfactory implementation class is successfully constructed by this method, this method will set it as the system-wide factory instance.

Returns:

the non-null system-wide AuthConfigFactory instance set at the time of the call, or if that value was null, the value of the system-wide factory instance established by this method. This method returns null when the system-wide factory was not defined when this method was called and no default factory name was defined via the security property.

getRegistrationContext

public abstract AuthConfigFactory.RegistrationContext getRegistrationContext(String registrationID)

getRegistrationIDs

public abstract String[] getRegistrationIDs(AuthConfigProvider provider)

refresh

public abstract void refresh()

registerConfigProvider

public abstract String registerConfigProvider(String className,
                            Map properties,
                            String layer,
                            String appContext,
                            String description)

registerConfigProvider

public abstract String registerConfigProvider(AuthConfigProvider provider,
                            String layer,
                            String appContext,
                            String description)

removeRegistration

public abstract boolean removeRegistration(String registrationID)

setFactory

public static void setFactory(AuthConfigFactory factory)