ClientAuthContextpublic interface ClientAuthContext This ClientAuthContext class manages AuthModules that may be used
to secure requests made as a client. A caller typically uses this class
in the following manner:
- Retrieve an instance of this class via AuthConfig.getClientAuthContext.
- Invoke secureRequest.
ClientAuthContext implementation invokes configured plug-in modules.
Modules attach credentials to initial request object
(for example, a username and password), and/or secure the request
(for example, sign and encrypt the request).
- Issue request.
- Receive response and pass it to validateResponse.
ClientAuthContext implementation invokes configured plug-in modules.
Modules verify or decrypt response as necessary.
- The disposeSubject method may be invoked if necessary
to clean up any authentication state in the Subject.
An instance may reuse module instances it
previously created. As a result a single module instance may be used
to issue different requests as different clients.
It is the module implementation's responsibility to properly
store and restore any necessary state. A module that does not need
to do so may remain completely stateless.
Instances of this class have custom logic to determine
what modules to invoke, and in what order. In addition,
this custom logic may control whether subsequent modules are invoked
based on the success or failure of previously invoked modules.
The caller is responsible for passing in a state Map
that can be used by underlying modules to save state across
a sequence of calls from secureRequest
to validateResponse to disposeSubject.
The same Map instance must be passed to all methods in the call sequence.
Furthermore, each call sequence should be passed its own unique
shared state Map instance. |
| Methods Summary |
|---|
| public void | disposeSubject(javax.security.auth.Subject subject, java.util.Map sharedState)Dispose of the Subject
(remove Principals or credentials from the Subject object
that were stored during validateResponse).
This method invokes configured modules to dispose the Subject.
| | public void | secureRequest(AuthParam param, javax.security.auth.Subject subject, java.util.Map sharedState)Secure a request message.
Attach authentication credentials to an initial request,
sign/encrypt a request, or respond to a server challenge, for example.
This method invokes configured modules to secure the request.
| | public void | validateResponse(AuthParam param, javax.security.auth.Subject subject, java.util.Map sharedState)Validate received response.
Validation may include verifying signature in response,
or decrypting response contents, for example.
This method invokes configured modules to validate the response.
|
|
