• Home
• fish.payara.extras
• payara-micro
• 5.184
• source code
• ClientAuthContext.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.sun.enterprise.security.jauth.ClientAuthContext Maven / Gradle / Ivy

/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 1997-2011 Oracle and/or its affiliates. All rights reserved.
 *
 * The contents of this file are subject to the terms of either the GNU
 * General Public License Version 2 only ("GPL") or the Common Development
 * and Distribution License("CDDL") (collectively, the "License").  You
 * may not use this file except in compliance with the License.  You can
 * obtain a copy of the License at
 * https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html
 * or packager/legal/LICENSE.txt.  See the License for the specific
 * language governing permissions and limitations under the License.
 *
 * When distributing the software, include this License Header Notice in each
 * file and include the License file at packager/legal/LICENSE.txt.
 *
 * GPL Classpath Exception:
 * Oracle designates this particular file as subject to the "Classpath"
 * exception as provided by Oracle in the GPL Version 2 section of the License
 * file that accompanied this code.
 *
 * Modifications:
 * If applicable, add the following below the License Header, with the fields
 * enclosed by brackets [] replaced by your own identifying information:
 * "Portions Copyright [year] [name of copyright owner]"
 *
 * Contributor(s):
 * If you wish your version of this file to be governed by only the CDDL or
 * only the GPL Version 2, indicate your decision by adding "[Contributor]
 * elects to include this software in this distribution under the [CDDL or GPL
 * Version 2] license."  If you don't indicate a single choice of license, a
 * recipient has the option to distribute your version of this file under
 * either the CDDL, the GPL Version 2 or to extend the choice of license to
 * its licensees as provided above.  However, if you add GPL Version 2 code
 * and therefore, elected the GPL Version 2 license, then the option applies
 * only if the new code is made subject to such option by the copyright
 * holder.
 */
// Portions Copyright [2018] [Payara Foundation and/or its affiliates]
package com.sun.enterprise.security.jauth;

/**
 * This ClientAuthContext class manages AuthModules that may be used to secure requests made as a client. A caller
 * typically uses this class in the following manner:
 *
 * 

 * 
Retrieve an instance of this class via AuthConfig.getClientAuthContext.
 * 
Invoke secureRequest. 

 * ClientAuthContext implementation invokes configured plug-in modules. Modules attach credentials to initial request
 * object (for example, a username and password), and/or secure the request (for example, sign and encrypt the request).
 * 
Issue request.
 * 
Receive response and pass it to validateResponse. 

 * ClientAuthContext implementation invokes configured plug-in modules. Modules verify or decrypt response as necessary.
 * 
The disposeSubject method may be invoked if necessary to clean up any authentication state in the Subject.
 * 
 * 
 * 

 * An instance may reuse module instances it previously created. As a result a single module instance may be used to
 * issue different requests as different clients. It is the module implementation's responsibility to properly store and
 * restore any necessary state. A module that does not need to do so may remain completely stateless.
 *
 * 

 * Instances of this class have custom logic to determine what modules to invoke, and in what order. In addition, this
 * custom logic may control whether subsequent modules are invoked based on the success or failure of previously invoked
 * modules.
 *
 * 

 * The caller is responsible for passing in a state Map that can be used by underlying modules to save state across a
 * sequence of calls from secureRequest to validateResponse to disposeSubject.
 * The same Map instance must be passed to all methods in the call sequence. Furthermore, each call sequence should be
 * passed its own unique shared state Map instance.
 *
 * @version %I%, %G%
 * @see AuthConfig
 * @see SOAPAuthParam
 */
public interface ClientAuthContext {

    /**
     * Secure a request message.
     *
     * 

     * Attach authentication credentials to an initial request, sign/encrypt a request, or respond to a server challenge,
     * for example.
     *
     * 

     * This method invokes configured modules to secure the request.
     *
     * @param param an authentication parameter that encapsulates the client request and server response objects.
     *
     * @param subject the subject may be used by configured modules to obtain Principals and credentials necessary to secure
     * the request, or null. If null, the module may use a CallbackHandler to obtain any information necessary to secure the
     * request.
     *
     * @param sharedState a Map for modules to save state across a sequence of calls from secureRequest to
     * validateResponse to disposeSubject.
     *
     * @exception AuthException if the operation failed.
     */
    void secureRequest(AuthParam param,
            javax.security.auth.Subject subject,
            java.util.Map sharedState)
            throws AuthException;

    /**
     * Validate received response.
     *
     * 

     * Validation may include verifying signature in response, or decrypting response contents, for example.
     * 
     * 

     * This method invokes configured modules to validate the response.
     *
     * @param param an authentication parameter that encapsulates the client request and server response objects.
     *
     * @param subject the subject may be used by configured modules to store the Principals and credentials related to the
     * identity validated in the response.
     *
     * @param sharedState a Map for modules to save state across a sequence of calls from secureRequest to
     * validateResponse to disposeSubject.
     *
     * @exception AuthException if the operation failed.
     */
    void validateResponse(AuthParam param,
            javax.security.auth.Subject subject,
            java.util.Map sharedState)
            throws AuthException;

    /**
     * Dispose of the Subject (remove Principals or credentials from the Subject object that were stored during
     * validateResponse).
     *
     * 

     * This method invokes configured modules to dispose the Subject.
     *
     * @param subject the subject to be disposed.
     *
     * @param sharedState a Map for modules to save state across a sequence of calls from secureRequest to
     * validateResponse to disposeSubject.
     *
     * @exception AuthException if the operation failed.
     */
    void disposeSubject(javax.security.auth.Subject subject,
            java.util.Map sharedState)
            throws AuthException;
}