Class AuthContextLocal
- java.lang.Object
-
- com.sun.identity.authentication.server.AuthContextLocal
-
- All Implemented Interfaces:
Serializable
@Supported public final class AuthContextLocal extends Object implements Serializable
TheAuthContextLocal
provides the implementation for authenticating users.A typical caller instantiates this class and starts the login process. The caller then obtains an array of
Callback
objects, which contains the information required by the authentication plug-in module. The caller requests information from the user. On receiving the information from the user, the caller submits the same to this class. If more information is required, the above process continues until all the information required by the plug-ins/authentication modules, has been supplied. The caller then checks if the user has successfully been authenticated. If successfully authenticated, the caller can then get theSubject
andSSOToken
for the user; if not successfully authenticated, the caller obtains the AuthLoginException.The implementation supports authenticating users either locally i.e., in process with all authentication modules configured or remotely to an authentication service/framework. (See documentation to configure in either of the modes).
The
getRequirements()
andsubmitRequirements()
are used to pass the user credentials for authentication by the plugin modules,getStatus()
returns the authentication status.It should be serializable as a requirement to be stored in HttpSession.
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description AuthContextLocal(String orgName)
CreatesAuthContextLocal
instance is obtained for a given organization name, or sub organization name.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
abort()
Terminates an ongoinglogin
call that has not yet completed.AuthLoginException
getLoginException()
Returns login exception, if any, during the authentication process.Set
getModuleInstanceNames()
Returns authentication module/s instances(or) plugin(s) configured for an organization, or sub-organization that was set during theAuthContext
constructor.String
getOrganizationName()
Returns the the organization name that was set during theAuthContextLocal
constructor.Callback[]
getRequirements()
Returns an array ofCallback
objects that must be populated by the user and returned back.Callback[]
getRequirements(boolean noFilter)
Returns an array ofCallback
objects that must be populated by the user and returned back.SSOToken
getSSOToken()
Returns the Single-Sign-On (SSO) Token for the authenticated user.Single-Sign-On token can be used as the authenticated token.AuthContext.Status
getStatus()
Returns the current status of the authentication process.Subject
getSubject()
Returns the set of Principals the user has been authenticated as.boolean
hasMoreRequirements()
Checks if the login process requires more information from the user to complete the authentication.void
login()
Starts the login process for the givenAuthContextLocal
object.void
login(AuthContext.IndexType type, String indexName)
Start the login process for theAuthContextLocal
object identified by the index type and index name.void
login(Principal principal, char[] password)
Starts the login process for the givenAuthContextLocal
s object for the givenPrincipal
and the user's password.void
login(Subject subject)
Starts the login process for the givenAuthContextLocal
object for the givenSubject
.void
logout()
Logs out the user and also invalidates theSSOToken
associated with thisAuthContextLocal
.void
submitRequirements(Callback[] info)
Submit the populatedCallback
objects to the authentication plug-in modules.
-
-
-
Constructor Detail
-
AuthContextLocal
@Supported public AuthContextLocal(String orgName)
CreatesAuthContextLocal
instance is obtained for a given organization name, or sub organization name.login
method is then used to start the authentication process.- Parameters:
orgName
- name of the user's organization.
-
-
Method Detail
-
getModuleInstanceNames
@Supported public Set getModuleInstanceNames()
Returns authentication module/s instances(or) plugin(s) configured for an organization, or sub-organization that was set during theAuthContext
constructor.- Returns:
- authentication module/s instances (or plugins).
- Throws:
UnsupportedOperationException
- if an error occurred.
-
login
@Supported public void login() throws AuthLoginException
Starts the login process for the givenAuthContextLocal
object.- Throws:
AuthLoginException
- if an error occurred during login.
-
login
@Supported public void login(Principal principal, char[] password) throws AuthLoginException
Starts the login process for the givenAuthContextLocal
s object for the givenPrincipal
and the user's password. This method should be called primarily when the authenticator knows there would no other credentials needed to complete the authentication process.- Parameters:
principal
-Principal
of the user to be authenticated.password
- password for the user.- Throws:
AuthLoginException
- if an error occurred during login.
-
login
@Supported public void login(AuthContext.IndexType type, String indexName) throws AuthLoginException
Start the login process for theAuthContextLocal
object identified by the index type and index name. TheIndexType
defines the possible kinds of "objects" or "resources" for which an authentication can be performed. Currently supported index types are users, roles, services (or application), levels and mechanism.- Parameters:
type
- authentication index type.indexName
- authentication index name.- Throws:
AuthLoginException
- if an error occurred during login.
-
login
@Supported public void login(Subject subject) throws AuthLoginException
Starts the login process for the givenAuthContextLocal
object for the givenSubject
. Refer to JAAS for description onSubject
.- Parameters:
subject
-Subject
of the user to be authenticated.- Throws:
AuthLoginException
- if an error occurred during login.
-
getSubject
@Supported public Subject getSubject()
Returns the set of Principals the user has been authenticated as. This should be invoked only after successful authentication. If the authentication fails or the authentication is in process, this will returnnull
.- Returns:
- The set of Principals the user has been authenticated as.
-
hasMoreRequirements
@Supported public boolean hasMoreRequirements()
Checks if the login process requires more information from the user to complete the authentication.- Returns:
true
if more credentials are required from the user.
-
getRequirements
@Supported public Callback[] getRequirements()
Returns an array ofCallback
objects that must be populated by the user and returned back. These objects are requested by the authentication plug-ins, and these are usually displayed to the user. The user then provides the requested information for it to be authenticated.- Returns:
- an array of
Callback
objects requesting credentials from user.
-
getRequirements
@Supported public Callback[] getRequirements(boolean noFilter)
Returns an array ofCallback
objects that must be populated by the user and returned back. These objects are requested by the authentication plug-ins, and these are usually displayed to the user. The user then provides the requested information for it to be authenticated.- Parameters:
noFilter
- flag to indicate if there is a Filter- Returns:
- an array of
Callback
objects requesting credentials from user.
-
submitRequirements
@Supported public void submitRequirements(Callback[] info)
Submit the populatedCallback
objects to the authentication plug-in modules. Called aftergetRequirements
method and obtaining user's response to these requests.- Parameters:
info
- array ofCallback
objects
-
logout
@Supported public void logout() throws AuthLoginException
Logs out the user and also invalidates theSSOToken
associated with thisAuthContextLocal
.- Throws:
AuthLoginException
- if an error occurred during logout
-
getLoginException
@Supported public AuthLoginException getLoginException()
Returns login exception, if any, during the authentication process. Typically set when the login fails.- Returns:
- login exception.
-
getStatus
@Supported public AuthContext.Status getStatus()
Returns the current status of the authentication process.- Returns:
- the current status of the authentication process.
-
getSSOToken
@Supported public SSOToken getSSOToken()
Returns the Single-Sign-On (SSO) Token for the authenticated user.Single-Sign-On token can be used as the authenticated token.- Returns:
- single-sign-on token
-
getOrganizationName
@Supported public String getOrganizationName()
Returns the the organization name that was set during theAuthContextLocal
constructor.- Returns:
- Organization name.
-
abort
@Supported public void abort() throws AuthLoginException
Terminates an ongoinglogin
call that has not yet completed.- Throws:
AuthLoginException
- if an error occurred during abort.
-
-