ClientAuthpublic interface ClientAuth An implementation of this interface is used to secure service request
messages, and validate received service response messages. |
Methods Summary |
---|
public void | cleanSubject(MessageInfo messageInfo, javax.security.auth.Subject subject)Remove implementation specific principals and credentials from the
subject.
| public AuthStatus | secureRequest(MessageInfo messageInfo, javax.security.auth.Subject clientSubject)Secure a service request message before sending it to the service.
This method is called to transform the request message acquired
by calling getRequestMessage (on messageInfo) into the
mechanism-specific form to be sent by the runtime.
This method conveys the outcome of its message processing either
by returning an AuthStatus value or by throwing an AuthException.
| public AuthStatus | validateResponse(MessageInfo messageInfo, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject)Validate a received service response.
This method is called to transform the mechanism-specific response
message acquired by calling getResponseMessage (on messageInfo)
into the validated application message to be returned to the
message processing runtime. If the response message is a
(mechanism-specific) meta-message, the method implementation must
attempt to transform the meta-message into the next
mechanism-specific request message to be sent by the runtime.
This method conveys the outcome of its message processing either
by returning an AuthStatus value or by throwing an AuthException.
|
|