com.sun.identity.authentication.server

Class AuthContextLocal

java.lang.Object

com.sun.identity.authentication.server.AuthContextLocal

All Implemented Interfaces:

Serializable

public final class AuthContextLocal
extends Object
implements Serializable

The AuthContextLocal provides the implementation for authenticating users.

A typical caller instantiates this class and starts the login process. The caller then obtains an array of Callback objects, which contains the information required by the authentication plug-in module. The caller requests information from the user. On receiving the information from the user, the caller submits the same to this class. If more information is required, the above process continues until all the information required by the plug-ins/authentication modules, has been supplied. The caller then checks if the user has successfully been authenticated. If successfully authenticated, the caller can then get the Subject and SSOToken for the user; if not successfully authenticated, the caller obtains the AuthLoginException.

The implementation supports authenticating users either locally i.e., in process with all authentication modules configured or remotely to an authentication service/framework. (See documentation to configure in either of the modes).

The getRequirements() and submitRequirements() are used to pass the user credentials for authentication by the plugin modules,getStatus() returns the authentication status.

It should be serializable as a requirement to be stored in HttpSession.

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
AuthContextLocal(String orgName) Creates AuthContextLocal instance is obtained for a given organization name, or sub organization name.

Method Summary

Modifier and Type	Method and Description
void	abort() Terminates an ongoing login call that has not yet completed.
AuthLoginException	getLoginException() Returns login exception, if any, during the authentication process.
Set	getModuleInstanceNames() Returns authentication module/s instances(or) plugin(s) configured for an organization, or sub-organization that was set during the AuthContext constructor.
String	getOrganizationName() Returns the the organization name that was set during the AuthContextLocal constructor.
Callback[]	getRequirements() Returns an array of Callback objects that must be populated by the user and returned back.
Callback[]	getRequirements(boolean noFilter) Returns an array of Callback objects that must be populated by the user and returned back.
SSOToken	getSSOToken() Returns the Single-Sign-On (SSO) Token for the authenticated user.Single-Sign-On token can be used as the authenticated token.
AuthContext.Status	getStatus() Returns the current status of the authentication process.
Subject	getSubject() Returns the set of Principals the user has been authenticated as.
boolean	hasMoreRequirements() Checks if the login process requires more information from the user to complete the authentication.
void	login() Starts the login process for the given AuthContextLocal object.
void	login(AuthContext.IndexType type, String indexName) Start the login process for the AuthContextLocal object identified by the index type and index name.
void	login(Principal principal, char[] password) Starts the login process for the given AuthContextLocals object for the given Principal and the user's password.
void	login(Subject subject) Starts the login process for the given AuthContextLocal object for the given Subject.
void	logout() Logs out the user and also invalidates the SSOToken associated with this AuthContextLocal.
void	submitRequirements(Callback[] info) Submit the populated Callback objects to the authentication plug-in modules.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthContextLocal

public AuthContextLocal(String orgName)

Creates AuthContextLocal instance is obtained for a given organization name, or sub organization name. login method is then used to start the authentication process.

Parameters:

orgName - name of the user's organization.

Method Detail

getModuleInstanceNames

public Set getModuleInstanceNames()

Returns authentication module/s instances(or) plugin(s) configured for an organization, or sub-organization that was set during the AuthContext constructor.

Returns:

authentication module/s instances (or plugins).

Throws:

UnsupportedOperationException - if an error occurred.

login

public void login()
           throws AuthLoginException

Starts the login process for the given AuthContextLocal object.

Throws:

AuthLoginException - if an error occurred during login.

login

public void login(Principal principal,
                  char[] password)
           throws AuthLoginException

Starts the login process for the given AuthContextLocals object for the given Principal and the user's password. This method should be called primarily when the authenticator knows there would no other credentials needed to complete the authentication process.

Parameters:

principal - Principal of the user to be authenticated.

password - password for the user.

Throws:

AuthLoginException - if an error occurred during login.

login

public void login(AuthContext.IndexType type,
                  String indexName)
           throws AuthLoginException

Start the login process for the AuthContextLocal object identified by the index type and index name. The IndexType defines the possible kinds of "objects" or "resources" for which an authentication can be performed. Currently supported index types are users, roles, services (or application), levels and mechanism.

Parameters:

type - authentication index type.

indexName - authentication index name.

Throws:

AuthLoginException - if an error occurred during login.

login

public void login(Subject subject)
           throws AuthLoginException

Starts the login process for the given AuthContextLocal object for the given Subject. Refer to JAAS for description on Subject.

Parameters:

subject - Subject of the user to be authenticated.

Throws:

AuthLoginException - if an error occurred during login.

getSubject

public Subject getSubject()

Returns the set of Principals the user has been authenticated as. This should be invoked only after successful authentication. If the authentication fails or the authentication is in process, this will return null.

Returns:

The set of Principals the user has been authenticated as.

hasMoreRequirements

public boolean hasMoreRequirements()

Checks if the login process requires more information from the user to complete the authentication.

Returns:

true if more credentials are required from the user.

getRequirements

public Callback[] getRequirements()

Returns an array of Callback objects that must be populated by the user and returned back. These objects are requested by the authentication plug-ins, and these are usually displayed to the user. The user then provides the requested information for it to be authenticated.

Returns:

an array of Callback objects requesting credentials from user.

getRequirements

public Callback[] getRequirements(boolean noFilter)

Returns an array of Callback objects that must be populated by the user and returned back. These objects are requested by the authentication plug-ins, and these are usually displayed to the user. The user then provides the requested information for it to be authenticated.

Parameters:

noFilter - flag to indicate if there is a Filter

Returns:

an array of Callback objects requesting credentials from user.

submitRequirements

public void submitRequirements(Callback[] info)

Submit the populated Callback objects to the authentication plug-in modules. Called after getRequirements method and obtaining user's response to these requests.

Parameters:

info - array of Callback objects

logout

public void logout()
            throws AuthLoginException

Logs out the user and also invalidates the SSOToken associated with this AuthContextLocal.

Throws:

AuthLoginException - if an error occurred during logout

getLoginException

public AuthLoginException getLoginException()

Returns login exception, if any, during the authentication process. Typically set when the login fails.

Returns:

login exception.

getStatus

public AuthContext.Status getStatus()

Returns the current status of the authentication process.

Returns:

the current status of the authentication process.

getSSOToken

public SSOToken getSSOToken()

Returns the Single-Sign-On (SSO) Token for the authenticated user.Single-Sign-On token can be used as the authenticated token.

Returns:

single-sign-on token

getOrganizationName

public String getOrganizationName()

Returns the the organization name that was set during the AuthContextLocal constructor.

Returns:

Organization name.

abort

public void abort()
           throws AuthLoginException

Terminates an ongoing login call that has not yet completed.

Throws:

AuthLoginException - if an error occurred during abort.