File | Doc | Category | Size | Date | Package
ServerAuthModule.java | API Doc | Glassfish v2 API | 6697 | Fri May 04 22:35:42 BST 2007 | com.sun.enterprise.security.jauth

ServerAuthModule

public interface ServerAuthModule
This interface describes a module that can be configured for a ServerAuthContext. The main purpose of this module is to validate client requests and to secure responses back to the client.

A module implementation must assume it may be shared across different requests from different clients. It is the module implementation's responsibility to properly store and restore any state necessary to associate new requests with previous responses. A module that does not need to do so may remain completely stateless.

Modules are passed a shared state Map that can be used to save state across a sequence of calls from validateRequest to secureResponse to disposeSubject. The same Map instance is guaranteed to be passed to all methods in the call sequence. Furthermore, it should be assumed that each call sequence is passed its own unique shared state Map instance.


Fields Summary
Constructors Summary
Methods Summary
public void disposeSubject(javax.security.auth.Subject subject, java.util.Map sharedState)
Dispose of the Subject.

Remove Principals or credentials from the Subject object that were stored during validateRequest.

param
subject the Subject instance to be disposed.
param
sharedState a Map for modules to save state across a sequence of calls from validateRequest to secureResponse to disposeSubject.
exception
AuthException if the operation failed.

public void initialize(AuthPolicy requestPolicy, AuthPolicy responsePolicy, javax.security.auth.callback.CallbackHandler handler, java.util.Map options)
Initialize this module with a policy to enforce, a CallbackHandler, and administrative options.

Either the request policy or the response policy (or both) must be non-null.

param
requestPolicy the request policy this module is to enforce, which may be null.
param
responsePolicy the response policy this module is to enforce, which may be null.
param
handler CallbackHandler used to request information from the caller.
param
options administrative options.

public void secureResponse(AuthParam param, javax.security.auth.Subject subject, java.util.Map sharedState)
Secure the response to the client (sign and encrypt the response, for example).

param
param an authentication parameter that encapsulates the client request and server response objects.
param
subject the subject may be used by configured modules to obtain credentials needed to secure the response, or null. If null, the module may use a CallbackHandler to obtain the necessary information.
param
sharedState a Map for modules to save state across a sequence of calls from validateRequest to secureResponse to disposeSubject.
exception
AuthException if the operation failed.

public void validateRequest(AuthParam param, javax.security.auth.Subject subject, java.util.Map sharedState)
Authenticate a client request.

The AuthParam input parameter encapsulates the client request and server response objects. This ServerAuthModule validates the client request object (decrypts content and verifies a signature, for example).

param
param an authentication parameter that encapsulates the client request and server response objects.
param
subject the subject may be used by configured modules to store Principals and credentials validated in the request.
param
sharedState a Map for modules to save state across a sequence of calls from validateRequest to secureResponse to disposeSubject.
exception
PendingException if the operation is pending (for example, when a module issues a challenge). The module must have updated the response object in the AuthParam.
exception
FailureException if the authentication failed. The module must have updated the response object in the AuthParam.
exception
AuthException if the operation failed.
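
The shared-state contract described above, as an added example that is not GlassFish code: a module that keeps per-request data in the sharedState Map and removes from the Subject only what it added. The class name StatelessAuthModule, the key ADDED_KEY and the abstract hook verifiedCaller are hypothetical; the hook is assumed to update the response and throw FailureException when the credential is missing or invalid.

```java
import com.sun.enterprise.security.jauth.*;
import java.security.Principal;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;

// Added example (hypothetical class): one instance serves many clients, so
// per-request data goes in sharedState and never in instance fields.
public abstract class StatelessAuthModule implements ServerAuthModule {
    // Key under which this module records what it added to the Subject.
    private static final String ADDED_KEY = StatelessAuthModule.class.getName();

    // Configuration only: set once in initialize, identical for every request.
    protected volatile CallbackHandler handler;

    // Hypothetical hook: return the verified caller name. Implementations
    // are assumed to update the response in param and throw FailureException
    // when the credential is missing or invalid.
    protected abstract String verifiedCaller(AuthParam param) throws AuthException;

    public void initialize(AuthPolicy requestPolicy, AuthPolicy responsePolicy,
                           CallbackHandler handler, Map options) {
        if (requestPolicy == null && responsePolicy == null) {
            throw new IllegalArgumentException("a request or response policy is required");
        }
        this.handler = handler;
    }

    public void validateRequest(AuthParam param, Subject subject, Map sharedState)
            throws AuthException {
        final String name = verifiedCaller(param);
        Principal caller = new Principal() { public String getName() { return name; } };
        subject.getPrincipals().add(caller);
        sharedState.put(ADDED_KEY, caller); // remembered for disposeSubject
    }

    public void secureResponse(AuthParam param, Subject subject, Map sharedState)
            throws AuthException {
        // Design choice of this example: only answer a validated request.
        if (!sharedState.containsKey(ADDED_KEY)) throw new AuthException("not validated");
    }

    public void disposeSubject(Subject subject, Map sharedState) throws AuthException {
        // Remove exactly what validateRequest added, nothing else.
        Object added = sharedState.remove(ADDED_KEY);
        if (added != null) subject.getPrincipals().remove(added);
    }
}
```

Because the Principal reference travels in the per-sequence Map, two concurrent requests handled by the same module instance cannot see or dispose of each other's identity.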