public class UsernameTokenServerAuthModule extends AbstractServerAuthModule
callbackHandler, options, requestPolicy, responsePolicy, supportedTypes
Constructor and Description |
---|
UsernameTokenServerAuthModule() |
UsernameTokenServerAuthModule(String lmshName) |
Modifier and Type | Method and Description |
---|---|
protected String |
getSecurityDomainName() |
void |
initialize(MessagePolicy requestPolicy,
MessagePolicy responsePolicy,
CallbackHandler handler,
Map options)
Initialize this module with request and response message policies to enforce, a CallbackHandler, and any
module-specific configuration properties.
|
AuthStatus |
secureResponse(MessageInfo messageInfo,
Subject arg1)
Secure a service response before sending it to the client.
|
protected boolean |
validate(Subject clientSubject,
MessageInfo messageInfo)
Subclasses have to implement this method to actually validate the subject
|
AuthStatus |
validateRequest(MessageInfo messageInfo,
Subject clientSubject,
Subject serviceSubject)
This method delegates to a login module if configured in the module options.
|
cleanSubject, getCallbackHandler, getSupportedMessageTypes, setCallbackHandler
public UsernameTokenServerAuthModule()
public UsernameTokenServerAuthModule(String lmshName)
public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, CallbackHandler handler, Map options) throws AuthException
ServerAuthModule
The request policy and the response policy must not both be null.
initialize
in interface ServerAuthModule
initialize
in class AbstractServerAuthModule
requestPolicy
- The request policy this module must enforce, or null.responsePolicy
- The response policy this module must enforce, or null.handler
- CallbackHandler used to request information.options
- A Map of module-specific configuration properties.AuthException
- If module initialization fails, including for the case where the options argument contains
elements that are not supported by the module.ServerAuthModule.initialize(javax.security.auth.message.MessagePolicy, javax.security.auth.message.MessagePolicy, javax.security.auth.callback.CallbackHandler, java.util.Map)
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException
AbstractServerAuthModule
validateRequest
in interface ServerAuth
validateRequest
in class AbstractServerAuthModule
messageInfo
- A contextual object that encapsulates the client request and server response objects, and that may
be used to save state across a sequence of calls made to the methods of this interface for the purpose of completing
a secure message exchange.clientSubject
- A Subject that represents the source of the service request. It is used by the method
implementation to store Principals and credentials validated in the request.serviceSubject
- A Subject that represents the recipient of the service request, or null. It may be used by the
method implementation as the source of Principals or credentials to be used to validate the request. If the Subject
is not null, the method implementation may add additional Principals or credentials (pertaining to the recipient of
the service request) to the Subject.AuthException
- When the message processing failed without establishing a failure response message (in
messageInfo).public AuthStatus secureResponse(MessageInfo messageInfo, Subject arg1) throws AuthException
ServerAuth
This method conveys the outcome of its message processing either by returning an AuthStatus value or by throwing an AuthException.
messageInfo
- A contextual object that encapsulates the client request and server response objects, and that may
be used to save state across a sequence of calls made to the methods of this interface for the purpose of completing
a secure message exchange.arg1
- A Subject that represents the source of the service response, or null. It may be used by the
method implementation to retrieve Principals and credentials necessary to secure the response. If the Subject is not
null, the method implementation may add additional Principals or credentials (pertaining to the source of the service
response) to the Subject.AuthException
- When the message processing failed without establishing a failure response message (in
messageInfo).protected String getSecurityDomainName()
protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
AbstractServerAuthModule
validate
in class AbstractServerAuthModule
AuthException
Copyright © 2020 JBoss by Red Hat. All rights reserved.