| Package | Description |
|---|---|
| org.forgerock.caf.authentication.api |
This package defines the core interfaces and classes to provide an asynchronous and improved
JASPI-like message authentication API.
|
| org.forgerock.caf.authentication.framework |
This package defines the authentication framework classes for the authentication of messages
via authentication contexts and modules.
|
| org.forgerock.jaspi.modules.openid |
This package contains classes which form the Open ID Connect JASPIc AuthN module.
|
| org.forgerock.jaspi.modules.session.jwt |
This package contains classes for the Jwt Session JASPI Authentication Module.
|
| Modifier and Type | Method and Description |
|---|---|
Promise<Void,AuthenticationException> |
AsyncServerAuthContext.cleanSubject(MessageContext context,
Subject clientSubject)
Removes any method specific principals and credentials from the client subject.
|
Promise<Void,AuthenticationException> |
AsyncServerAuthModule.cleanSubject(MessageInfoContext messageInfo,
Subject clientSubject)
Removes any method specific principals and credentials from the client subject.
|
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
AsyncServerAuthContext.secureResponse(MessageContext context,
Subject serviceSubject)
Secures the outgoing response message.
|
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
AsyncServerAuthModule.secureResponse(MessageInfoContext messageInfo,
Subject serviceSubject)
Secures the outgoing response message.
|
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
AsyncServerAuthContext.validateRequest(MessageContext context,
Subject clientSubject,
Subject serviceSubject)
Validates the incoming request message.
|
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
AsyncServerAuthModule.validateRequest(MessageInfoContext messageInfo,
Subject clientSubject,
Subject serviceSubject)
Validates the incoming request message.
|
| Modifier and Type | Method and Description |
|---|---|
void |
AsyncServerAuthModule.initialize(javax.security.auth.message.MessagePolicy requestPolicy,
javax.security.auth.message.MessagePolicy responsePolicy,
CallbackHandler handler,
Map<String,Object> options)
Initialize this module with request and response message policies to enforce, a
CallbackHandler, and any module specific configuration properties. |
| Modifier and Type | Class and Description |
|---|---|
class |
AuthenticationFailedException
An authentication exception which signifies that authentication of the request has failed and an
appropriate unauthorized response should be returned to the client.
|
| Modifier and Type | Method and Description |
|---|---|
Promise<Void,AuthenticationException> |
FallbackAuthContext.cleanSubject(MessageContext context,
Subject clientSubject)
Calls each
AsyncServerAuthContext in parallel to clean the client subject and
only return a successful promise if all complete successfully otherwise returns the first
exception in a failed promise. |
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
FallbackAuthContext.secureResponse(MessageContext context,
Subject serviceSubject)
Secures the response message using the same
AsyncServerAuthModule that
authenticated the incoming request message. |
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
FallbackAuthContext.validateRequest(MessageContext context,
Subject clientSubject,
Subject serviceSubject)
Authenticates the incoming request message by calling each
AsyncServerAuthModule
in order until an auth module returns an AuthStatus value other than
SEND_FAILURE, or returns an AuthenticationException or the end of the
module list is reached. |
| Modifier and Type | Method and Description |
|---|---|
void |
ResponseWriter.write(MessageContext context,
AuthenticationException exception)
Write the details of the exception out, and set the content type of the response.
|
| Modifier and Type | Method and Description |
|---|---|
AuthenticationFilter |
AuthenticationFilter.AuthenticationFilterBuilder.build()
Creates a new
JaspiRuntimeFilter instance based on the configuration provided. |
| Modifier and Type | Method and Description |
|---|---|
Promise<Void,AuthenticationException> |
OpenIdConnectModule.cleanSubject(MessageInfoContext messageInfo,
Subject subject)
Nothing to clean.
|
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
OpenIdConnectModule.secureResponse(MessageInfoContext messageInfo,
Subject subject)
Sends SEND_SUCCESS automatically.
|
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
OpenIdConnectModule.validateRequest(MessageInfoContext messageInfo,
Subject clientSubject,
Subject serviceSubject)
Attempts to retrieve the value of the specified OpenID Connect header from the messageInfo, then
converts this to a Jwt and attempts to decrypt.
|
| Modifier and Type | Method and Description |
|---|---|
void |
OpenIdConnectModule.initialize(javax.security.auth.message.MessagePolicy requestPolicy,
javax.security.auth.message.MessagePolicy responsePolicy,
CallbackHandler callbackHandler,
Map<String,Object> config)
Initialize this module with request and response message policies to enforce, a
CallbackHandler, and any module specific configuration properties. |
| Modifier and Type | Method and Description |
|---|---|
Promise<Void,AuthenticationException> |
JwtSessionModule.cleanSubject(MessageInfoContext messageInfo,
Subject clientSubject) |
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
JwtSessionModule.secureResponse(MessageInfoContext messageInfo,
Subject serviceSubject) |
Promise<javax.security.auth.message.AuthStatus,AuthenticationException> |
JwtSessionModule.validateRequest(MessageInfoContext messageInfo,
Subject clientSubject,
Subject serviceSubject) |
| Modifier and Type | Method and Description |
|---|---|
void |
AbstractJwtSessionModule.initialize(CallbackHandler handler,
Map options)
Initialises the module by getting the Keystore and Key alias properties out of the module configuration.
|
void |
KeyStoreJwtCryptographyHandler.initialize(Map<String,Object> options) |
void |
JwtCryptographyHandler.initialize(Map<String,Object> options)
Initialise the handler.
|
void |
JwtSessionModule.initialize(javax.security.auth.message.MessagePolicy requestPolicy,
javax.security.auth.message.MessagePolicy responsePolicy,
CallbackHandler handler,
Map<String,Object> options) |
javax.security.auth.message.AuthStatus |
AbstractJwtSessionModule.secureResponse(javax.security.auth.message.MessageInfo messageInfo)
Creates a JWT after a successful authentication and sets it as a Cookie on the response.
|
javax.security.auth.message.AuthStatus |
AbstractJwtSessionModule.validateRequest(javax.security.auth.message.MessageInfo messageInfo,
Subject clientSubject)
Checks for the presence of the JWT as a Cookie on the request and validates the signature and decrypts it and
checks the expiration time of the JWT.
|
Copyright © 2010-2018, ForgeRock All Rights Reserved.