org.jboss.security

Interface ServerAuthenticationManager

All Superinterfaces:

AuthenticationManager, BaseSecurityManager

All Known Implementing Classes:

JASPIServerAuthenticationManager

public interface ServerAuthenticationManager
extends AuthenticationManager

AuthenticationManager with JSR-196 Semantics

Since:

May 30, 2008

Author:

Anil.Saldhana@redhat.com

Method Summary

Methods

Modifier and Type	Method and Description
boolean	isValid(MessageInfo requestMessage, Subject clientSubject, String layer, CallbackHandler callbackHandler) Authenticate a Subject given the request response JSR-196(JASPI) messages.
boolean	isValid(MessageInfo messageInfo, Subject clientSubject, String layer, String appContext, CallbackHandler callbackHandler) Authenticate a Subject given the request response JSR-196(JASPI) messages.
void	secureResponse(MessageInfo messageInfo, Subject serviceSubject, String layer, String appContext, CallbackHandler callbackHandler) Secures the response encapsulated in the specified MessageInfo object.

Methods inherited from interface org.jboss.security.AuthenticationManager

getActiveSubject, getTargetPrincipal, isValid, isValid, logout

Methods inherited from interface org.jboss.security.BaseSecurityManager

getSecurityDomain

Method Detail

isValid

boolean isValid(MessageInfo requestMessage,
              Subject clientSubject,
              String layer,
              CallbackHandler callbackHandler)

Authenticate a Subject given the request response JSR-196(JASPI) messages.

If any AuthException is thrown during the processing it will be available through SecurityContext context data with a key javax.security.auth.message.AuthException.

Parameters:

requestMessage -

clientSubject - Pre-created or null subject

layer - Message Layer for the JASPI (Optional): Default: HTTP

callbackHandler - CallbackHandler

Returns:

true if client subject is valid, false otherwise

isValid

boolean isValid(MessageInfo messageInfo,
              Subject clientSubject,
              String layer,
              String appContext,
              CallbackHandler callbackHandler)

Authenticate a Subject given the request response JSR-196(JASPI) messages.

If any AuthException is thrown during the processing it will be available through SecurityContext context data with a key javax.security.auth.message.AuthException.

Parameters:

messageInfo - the object that contains the request and response messages.

clientSubject - the client subject.

layer - the message layer for JASPI.

appContext - the JASPI application context.

callbackHandler - the callback handler instance.

Returns:

true if the client subject is valid; false otherwise.

secureResponse

void secureResponse(MessageInfo messageInfo,
                  Subject serviceSubject,
                  String layer,
                  String appContext,
                  CallbackHandler callbackHandler)

Secures the response encapsulated in the specified MessageInfo object.

If any AuthException is thrown during the processing it will be available through SecurityContext context data with a key javax.security.auth.message.AuthException.

Parameters:

messageInfo - the object that contains the request and response messages.

serviceSubject - an optional server Subject instance.

layer - the JASPI message layer.

appContext - the JASPI application context.

callbackHandler - the CallbackHandler instance that can be used to obtain further information (such as keys) to secure the response message.