org.apache.catalina.authenticator.jaspic

Class SimpleServerAuthContext

java.lang.Object

org.apache.catalina.authenticator.jaspic.SimpleServerAuthContext

All Implemented Interfaces:

ServerAuthContext, ServerAuth

public class SimpleServerAuthContext
extends java.lang.Object
implements ServerAuthContext

Basic implementation primarily intended for use when using third-party ServerAuthModule implementations that only provide the module. This implementation supports multiple modules and will treat the user as authenticated if any one module is able to authenticate the user.

Constructor Summary

Constructors

Constructor and Description
SimpleServerAuthContext(java.util.List<ServerAuthModule> modules)

Method Summary

Modifier and Type	Method and Description
void	cleanSubject(MessageInfo messageInfo, javax.security.auth.Subject subject) Remove principals and/or credentials from the subject that were previously added by this authentication mechanism.
AuthStatus	secureResponse(MessageInfo messageInfo, javax.security.auth.Subject serviceSubject) Secure (authenticate) the response.
AuthStatus	validateRequest(MessageInfo messageInfo, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject) Validate the request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SimpleServerAuthContext

public SimpleServerAuthContext(java.util.List<ServerAuthModule> modules)

Method Detail

validateRequest

public AuthStatus validateRequest(MessageInfo messageInfo,
                                  javax.security.auth.Subject clientSubject,
                                  javax.security.auth.Subject serviceSubject)
                           throws AuthException

Description copied from interface: javax.security.auth.message.ServerAuth

Validate the request.

Specified by:

validateRequest in interface ServerAuth

Parameters:

messageInfo - The associated request and response

clientSubject - The subject that represents the source of the request

serviceSubject - The subject that represents the recipient of the request

Returns:

An AuthStatus instance that represents the result of the validation

Throws:

AuthException - If the a failure occurred in a manner that prevented the failure from being communicated via messageInfo

secureResponse

public AuthStatus secureResponse(MessageInfo messageInfo,
                                 javax.security.auth.Subject serviceSubject)
                          throws AuthException

Description copied from interface: javax.security.auth.message.ServerAuth

Secure (authenticate) the response.

Specified by:

secureResponse in interface ServerAuth

Parameters:

messageInfo - The associated request and response

serviceSubject - The subject that represents the source of the response

Returns:

An AuthStatus instance that represents the result of the authentication

Throws:

AuthException - If the a failure occurred in a manner that prevented the failure from being communicated via messageInfo

cleanSubject

public void cleanSubject(MessageInfo messageInfo,
                         javax.security.auth.Subject subject)
                  throws AuthException

Description copied from interface: javax.security.auth.message.ServerAuth

Remove principals and/or credentials from the subject that were previously added by this authentication mechanism.

Specified by:

cleanSubject in interface ServerAuth

Parameters:

messageInfo - The associated request and response

subject - The subject to clean

Throws:

AuthException - If the a failure occurred