public final class AuthenticationConfiguration extends Object
Modifier and Type | Field and Description |
---|---|
static AuthenticationConfiguration |
EMPTY
Deprecated.
to obtain empty configuration use
empty() method instead |
Modifier and Type | Method and Description |
---|---|
static AuthenticationConfiguration |
empty()
An empty configuration which can be used as the basis for any configuration.
|
boolean |
equals(AuthenticationConfiguration other)
Determine whether this configuration is equal to another object.
|
boolean |
equals(Object obj)
Determine whether this configuration is equal to another object.
|
int |
hashCode()
Get the hash code of this authentication configuration.
|
AuthenticationConfiguration |
rewriteUser(NameRewriter rewriter)
Create a new configuration which is the same as this configuration, but rewrites the user name using the given
name rewriter.
|
AuthenticationConfiguration |
rewriteUserOnlyWith(NameRewriter rewriter)
Create a new configuration which is the same as this configuration, but rewrites the user name using only
the given name rewriter.
|
AuthenticationConfiguration |
setSaslMechanismSelector(org.wildfly.security.sasl.SaslMechanismSelector saslMechanismSelector)
Set the SASL mechanism selector for this authentication configuration.
|
String |
toString() |
AuthenticationConfiguration |
useAnonymous()
Create a new configuration which is the same as this configuration, but which uses an anonymous login.
|
AuthenticationConfiguration |
useAuthorizationName(String name)
Create a new configuration which is the same as this configuration, but which attempts to authorize to the given
name after authentication.
|
AuthenticationConfiguration |
useAuthorizationPrincipal(Principal principal)
Create a new configuration which is the same as this configuration, but which attempts to authorize to the given
principal after authentication.
|
AuthenticationConfiguration |
useBearerTokenCredential(BearerTokenCredential credential)
Create a new configuration which is the same as this configuration, but which uses the given
BearerTokenCredential to authenticate. |
AuthenticationConfiguration |
useCallbackHandler(CallbackHandler callbackHandler)
Create a new configuration which is the same as this configuration, but which uses the given callback handler
to authenticate.
|
AuthenticationConfiguration |
useCallbackHandler(CallbackHandler callbackHandler,
Set<CallbackKind> callbackKinds)
Create a new configuration which is the same as this configuration, but which uses the given callback handler
to authenticate.
|
AuthenticationConfiguration |
useCertificateCredential(PrivateKey privateKey,
X509Certificate... certificateChain)
Create a new configuration which is the same as this configuration, but which uses the given private key and X.509
certificate chain to authenticate.
|
AuthenticationConfiguration |
useCertificateCredential(X509CertificateChainPrivateCredential credential)
Create a new configuration which is the same as this configuration, but which uses the given private key and X.509
certificate chain to authenticate.
|
AuthenticationConfiguration |
useChoice(BiPredicate<Class<? extends ChoiceCallback>,String> matchPredicate,
String choice)
Create a new configuration which is the same as this configuration, but which uses the given choice if the given
predicate evaluates to
true . |
AuthenticationConfiguration |
useCredential(Credential credential)
Create a new configuration which is the same as this configuration, but which uses the given credential to authenticate.
|
AuthenticationConfiguration |
useCredentialCallbackHandler(CallbackHandler callbackHandler)
Create a new configuration which is the same as this configuration, but which uses the given callback handler to
acquire a password with which to authenticate, when a password-based authentication algorithm is in use.
|
AuthenticationConfiguration |
useCredentials(CredentialSource credentials)
Create a new configuration which is the same as this configuration, but which uses the given identity
credentials to acquire the credential required for authentication.
|
AuthenticationConfiguration |
useCredentialStoreEntry(CredentialStore credentialStore,
String alias)
Create a new configuration which is the same as this configuration, but uses credentials found at the given
alias and credential store.
|
AuthenticationConfiguration |
useDefaultProviders()
Use the default provider discovery behaviour of combining service loader discovered providers with the system default
security providers when locating security implementations.
|
AuthenticationConfiguration |
useForwardedAuthenticationCredentials(SecurityDomain securityDomain)
Create a new configuration which is the same as this configuration, but which forwards the authentication
credentials from the current identity of the given security domain.
|
AuthenticationConfiguration |
useForwardedAuthenticationIdentity(SecurityDomain securityDomain)
Create a new configuration which is the same as this configuration, but which forwards the authentication name
from the current identity of the given security domain.
|
AuthenticationConfiguration |
useForwardedAuthorizationIdentity(SecurityDomain securityDomain)
Create a new configuration which is the same as this configuration, but which forwards the authorization name
from the current identity of the given security domain.
|
AuthenticationConfiguration |
useForwardedIdentity(SecurityDomain securityDomain)
Create a new configuration which is the same as this configuration, but which forwards the authentication name
and credentials from the current identity of the given security domain.
|
AuthenticationConfiguration |
useGSSCredential(GSSCredential credential)
Create a new configuration which is the same as this configuration, but which uses the given GSS-API credential to authenticate.
|
AuthenticationConfiguration |
useHost(String hostName)
Deprecated.
This configuration is not supported by most providers and will be removed in a future release.
|
AuthenticationConfiguration |
useKerberosSecurityFactory(SecurityFactory<Credential> kerberosSecurityFactory)
Deprecated.
|
AuthenticationConfiguration |
useKeyManagerCredential(X509KeyManager keyManager)
Create a new configuration which is the same as this configuration, but which uses the given key manager
to acquire the credential required for authentication.
|
AuthenticationConfiguration |
useKeyStoreCredential(KeyStore.Entry keyStoreEntry)
Create a new configuration which is the same as this configuration, but which uses the given key store and alias
to acquire the credential required for authentication.
|
AuthenticationConfiguration |
useKeyStoreCredential(KeyStore keyStore,
String alias)
Create a new configuration which is the same as this configuration, but which uses the given key store and alias
to acquire the credential required for authentication.
|
AuthenticationConfiguration |
useKeyStoreCredential(KeyStore keyStore,
String alias,
KeyStore.ProtectionParameter protectionParameter)
Create a new configuration which is the same as this configuration, but which uses the given key store and alias
to acquire the credential required for authentication.
|
AuthenticationConfiguration |
useLocalKerberosCredential(Oid[] mechanismOids)
Deprecated.
can be ommited - kerberos based authentication mechanism obtains credential himself
|
AuthenticationConfiguration |
useMechanismProperties(Map<String,?> mechanismProperties)
Deprecated.
|
AuthenticationConfiguration |
useMechanismProperties(Map<String,?> mechanismProperties,
boolean exclusive)
Deprecated.
|
AuthenticationConfiguration |
useName(String name)
Create a new configuration which is the same as this configuration, but which uses the given login name to authenticate.
|
AuthenticationConfiguration |
useParameterSpec(AlgorithmParameterSpec parameterSpec)
Create a new configuration which is the same as this configuration, but which uses the given parameter specification.
|
AuthenticationConfiguration |
usePassword(char[] password)
Create a new configuration which is the same as this configuration, but which uses the given password to authenticate.
|
AuthenticationConfiguration |
usePassword(Password password)
Create a new configuration which is the same as this configuration, but which uses the given password to authenticate.
|
AuthenticationConfiguration |
usePassword(String password)
Create a new configuration which is the same as this configuration, but which uses the given password to authenticate.
|
AuthenticationConfiguration |
usePort(int port)
Deprecated.
This configuration is not supported by most providers and will be removed in a future release.
|
AuthenticationConfiguration |
usePrincipal(NamePrincipal principal)
Create a new configuration which is the same as this configuration, but which uses the given principal to authenticate.
|
AuthenticationConfiguration |
usePrincipal(Principal principal)
Create a new configuration which is the same as this configuration, but which uses the given principal to authenticate.
|
AuthenticationConfiguration |
useProtocol(String protocol)
Deprecated.
This configuration is not supported by most providers and will be removed in a future release.
|
AuthenticationConfiguration |
useProviders(Supplier<Provider[]> providerSupplier)
Use the given security provider supplier to locate security implementations.
|
AuthenticationConfiguration |
useProvidersFromClassLoader(ClassLoader classLoader)
Use security providers from the given class loader.
|
AuthenticationConfiguration |
useRealm(String realm)
Create a new configuration which is the same as this configuration, but uses the given realm for authentication.
|
AuthenticationConfiguration |
useSaslClientFactory(SaslClientFactory saslClientFactory)
Use a pre-existing
SaslClientFactory instead of discovery. |
AuthenticationConfiguration |
useSaslClientFactory(Supplier<SaslClientFactory> saslClientFactory)
Use the given sasl client factory supplier to obtain the
SaslClientFactory to use. |
AuthenticationConfiguration |
useSaslClientFactoryFromProviders()
Use provider based discovery to load available
SaslClientFactory implementations. |
AuthenticationConfiguration |
useSaslMechanismProperties(Map<String,?> mechanismProperties)
Create a new configuration which is the same as this configuration, but which sets the properties that will be passed to
the
SaslClientFactory when the mechanism is created. |
AuthenticationConfiguration |
useSaslMechanismProperties(Map<String,?> mechanismProperties,
boolean exclusive)
Create a new configuration which is the same as this configuration, but which sets the properties that will be passed to
the
SaslClientFactory when the mechanism is created. |
AuthenticationConfiguration |
useSaslProtocol(String saslProtocol)
Create a new configuration which is the same as this configuration, but which specifies a different protocol to be passed to the authentication mechanisms.
|
AuthenticationConfiguration |
useTrustManager(X509TrustManager trustManager)
Create a new configuration which is the same as this configuration, but which uses the given trust manager
for trust verification.
|
AuthenticationConfiguration |
with(AuthenticationConfiguration other)
Create a new configuration which is the same as this configuration, but which adds or replaces every item in the
other configuration with that item, overwriting any corresponding such item in this configuration. |
AuthenticationConfiguration |
withCapturedAccessControlContext()
Create a new configuration which is the same as this configuration, but which captures the caller's access
control context to be used in authentication decisions.
|
@Deprecated public static final AuthenticationConfiguration EMPTY
empty()
method insteadpublic static AuthenticationConfiguration empty()
public AuthenticationConfiguration rewriteUser(NameRewriter rewriter)
rewriter
- the name rewriterpublic AuthenticationConfiguration rewriteUserOnlyWith(NameRewriter rewriter)
rewriter
- the name rewriterpublic AuthenticationConfiguration useAnonymous()
public AuthenticationConfiguration usePrincipal(NamePrincipal principal)
principal
- the principal to use (must not be null
)public AuthenticationConfiguration usePrincipal(Principal principal)
principal
- the principal to use (must not be null
)public AuthenticationConfiguration useName(String name)
name
- the principal to use (must not be null
)public AuthenticationConfiguration useAuthorizationName(String name)
name
- the name to use, or null
to not request authorization in the new configurationpublic AuthenticationConfiguration useAuthorizationPrincipal(Principal principal)
principal
- the principal to use, or null
to not request authorization in the new configurationpublic AuthenticationConfiguration useCredential(Credential credential)
credential
- the credential to authenticatepublic AuthenticationConfiguration usePassword(Password password)
password
- the password to usepublic AuthenticationConfiguration usePassword(char[] password)
password
- the password to usepublic AuthenticationConfiguration usePassword(String password)
password
- the password to usepublic AuthenticationConfiguration useCredentialCallbackHandler(CallbackHandler callbackHandler)
callbackHandler
- the password callback handlerpublic AuthenticationConfiguration useCallbackHandler(CallbackHandler callbackHandler)
Important notes: It is important to ensure that each distinct client identity uses a distinct CallbackHandler
instance in order to avoid mis-pooling of connections, identity crossovers, and other potentially serious problems.
It is not recommended that a CallbackHandler
implement equals()
and hashCode()
, however if it does,
it is important to ensure that these methods consider equality based on an authenticating identity that does not
change between instances. In particular, a callback handler which requests user input on each usage is likely to cause
a problem if the user name can change on each authentication request.
Because CallbackHandler
instances are unique per identity, it is often useful for instances to cache
identity information, credentials, and/or other authentication-related information in order to facilitate fast
re-authentication.
callbackHandler
- the callback handler to usepublic AuthenticationConfiguration useCallbackHandler(CallbackHandler callbackHandler, Set<CallbackKind> callbackKinds)
Important notes: It is important to ensure that each distinct client identity uses a distinct CallbackHandler
instance in order to avoid mis-pooling of connections, identity crossovers, and other potentially serious problems.
It is not recommended that a CallbackHandler
implement equals()
and hashCode()
, however if it does,
it is important to ensure that these methods consider equality based on an authenticating identity that does not
change between instances. In particular, a callback handler which requests user input on each usage is likely to cause
a problem if the user name can change on each authentication request.
Because CallbackHandler
instances are unique per identity, it is often useful for instances to cache
identity information, credentials, and/or other authentication-related information in order to facilitate fast
re-authentication.
callbackHandler
- the callback handler to usecallbackKinds
- the kinds of callbacks that the handler should usepublic AuthenticationConfiguration useGSSCredential(GSSCredential credential)
credential
- the GSS-API credential to usepublic AuthenticationConfiguration useKeyStoreCredential(KeyStore.Entry keyStoreEntry)
keyStoreEntry
- the key store entry to usepublic AuthenticationConfiguration useKeyStoreCredential(KeyStore keyStore, String alias)
keyStore
- the key store to usealias
- the key store aliaspublic AuthenticationConfiguration useKeyStoreCredential(KeyStore keyStore, String alias, KeyStore.ProtectionParameter protectionParameter)
keyStore
- the key store to usealias
- the key store aliasprotectionParameter
- the protection parameter to use to access the key store entrypublic AuthenticationConfiguration useCertificateCredential(PrivateKey privateKey, X509Certificate... certificateChain)
privateKey
- the client private keycertificateChain
- the client certificate chainpublic AuthenticationConfiguration useCertificateCredential(X509CertificateChainPrivateCredential credential)
credential
- the credential containing the private key and certificate chainpublic AuthenticationConfiguration useCredentialStoreEntry(CredentialStore credentialStore, String alias)
credentialStore
- the credential store (must not be null
)alias
- the alias within the store (must not be null
)public AuthenticationConfiguration useKeyManagerCredential(X509KeyManager keyManager)
keyManager
- the key manager to use@Deprecated public AuthenticationConfiguration useLocalKerberosCredential(Oid[] mechanismOids)
mechanismOids
- array of oid's indicating the mechanisms over which the credential is to be acquiredpublic AuthenticationConfiguration useCredentials(CredentialSource credentials)
credentials
- the credentials to usepublic AuthenticationConfiguration useChoice(BiPredicate<Class<? extends ChoiceCallback>,String> matchPredicate, String choice)
true
.matchPredicate
- the predicate that should be used to determine if a choice callback type and prompt are
relevant for the given choicechoice
- the choice to use if the given predicate evaluates to true
public AuthenticationConfiguration useParameterSpec(AlgorithmParameterSpec parameterSpec)
parameterSpec
- the algorithm parameter specification to usepublic AuthenticationConfiguration useTrustManager(X509TrustManager trustManager)
trustManager
- the trust manager to use or null
if the default trust manager should be used@Deprecated public AuthenticationConfiguration useHost(String hostName)
hostName
- the host name to connect to@Deprecated public AuthenticationConfiguration useProtocol(String protocol)
protocol
- the protocol to be used for outgoing connection.public AuthenticationConfiguration useSaslProtocol(String saslProtocol)
saslProtocol
- the protocol to pass to the authentication mechanisms.@Deprecated public AuthenticationConfiguration usePort(int port)
port
- the port to connect to, or -1 to not override the portpublic AuthenticationConfiguration useForwardedIdentity(SecurityDomain securityDomain)
securityDomain
- the security domainpublic AuthenticationConfiguration useForwardedAuthenticationIdentity(SecurityDomain securityDomain)
securityDomain
- the security domainpublic AuthenticationConfiguration useForwardedAuthenticationCredentials(SecurityDomain securityDomain)
securityDomain
- the security domainpublic AuthenticationConfiguration useForwardedAuthorizationIdentity(SecurityDomain securityDomain)
securityDomain
- the security domainpublic AuthenticationConfiguration useProviders(Supplier<Provider[]> providerSupplier)
providerSupplier
- the provider supplierpublic AuthenticationConfiguration useDefaultProviders()
public AuthenticationConfiguration useProvidersFromClassLoader(ClassLoader classLoader)
classLoader
- the class loader to search for security providerspublic AuthenticationConfiguration useSaslClientFactory(SaslClientFactory saslClientFactory)
SaslClientFactory
instead of discovery.saslClientFactory
- the pre-existing SaslClientFactory
to use.public AuthenticationConfiguration useSaslClientFactory(Supplier<SaslClientFactory> saslClientFactory)
SaslClientFactory
to use.saslClientFactory
- the sasl client factory supplier to use.public AuthenticationConfiguration useSaslClientFactoryFromProviders()
SaslClientFactory
implementations.@Deprecated public AuthenticationConfiguration useMechanismProperties(Map<String,?> mechanismProperties)
useSaslMechanismProperties(Map)
SaslClientFactory
when the mechanism is created.
Existing properties defined on this authentication context will be retained unless overridden by new properties, any
properties resulting with a value of null
will be removed.mechanismProperties
- the properties to be passed to the SaslClientFactory
to create the mechanism.public AuthenticationConfiguration useSaslMechanismProperties(Map<String,?> mechanismProperties)
SaslClientFactory
when the mechanism is created.
Existing properties defined on this authentication context will be retained unless overridden by new properties, any
properties resulting with a value of null
will be removed.mechanismProperties
- the properties to be passed to the SaslClientFactory
to create the mechanism.@Deprecated public AuthenticationConfiguration useMechanismProperties(Map<String,?> mechanismProperties, boolean exclusive)
useSaslMechanismProperties(Map, boolean)
SaslClientFactory
when the mechanism is created.
If exclusive the existing properties will be discarded and replaced with the new properties otherwise existing properties
defined on this authentication context will be retained unless overridden by new properties, any properties resulting
with a value of null
will be removed.mechanismProperties
- the properties to be passed to the SaslClientFactory
to create the mechanism.exclusive
- should the provided properties be used exclusively or merged with the existing properties?public AuthenticationConfiguration useSaslMechanismProperties(Map<String,?> mechanismProperties, boolean exclusive)
SaslClientFactory
when the mechanism is created.
If exclusive the existing properties will be discarded and replaced with the new properties otherwise existing properties
defined on this authentication context will be retained unless overridden by new properties, any properties resulting
with a value of null
will be removed.mechanismProperties
- the properties to be passed to the SaslClientFactory
to create the mechanism.exclusive
- should the provided properties be used exclusively or merged with the existing properties?@Deprecated public AuthenticationConfiguration useKerberosSecurityFactory(SecurityFactory<Credential> kerberosSecurityFactory)
kerberosSecurityFactory
- a reference to the kerberos security factory to be usepublic AuthenticationConfiguration setSaslMechanismSelector(org.wildfly.security.sasl.SaslMechanismSelector saslMechanismSelector)
saslMechanismSelector
- the SASL mechanism selector, or null
to clear the current selectorpublic AuthenticationConfiguration useRealm(String realm)
realm
- the realm to use, or null
to accept the default realm alwayspublic AuthenticationConfiguration useBearerTokenCredential(BearerTokenCredential credential)
BearerTokenCredential
to authenticate.credential
- the bearer token credential to usepublic AuthenticationConfiguration withCapturedAccessControlContext()
public AuthenticationConfiguration with(AuthenticationConfiguration other)
other
configuration with that item, overwriting any corresponding such item in this configuration.other
- the other authentication configurationpublic boolean equals(Object obj)
public boolean equals(AuthenticationConfiguration other)
other
- the other objecttrue
if they are equal, false
otherwisepublic int hashCode()
Copyright © 2019 JBoss by Red Hat. All rights reserved.