Package com.sun.identity.authentication.server

Class AuthContextLocal

java.lang.Object
com.sun.identity.authentication.server.AuthContextLocal
All Implemented Interfaces:
Serializable
@Supported public final class AuthContextLocal extends Object implements Serializable
The AuthContextLocal provides the implementation for authenticating users.

A typical caller instantiates this class and starts the login process. The caller then obtains an array of Callback objects, which contains the information required by the authentication plug-in module. The caller requests information from the user. On receiving the information from the user, the caller submits the same to this class. If more information is required, the above process continues until all the information required by the plug-ins/authentication modules, has been supplied. The caller then checks if the user has successfully been authenticated. If successfully authenticated, the caller can then get the Subject and SSOToken for the user; if not successfully authenticated, the caller obtains the AuthLoginException.

The implementation supports authenticating users either locally i.e., in process with all authentication modules configured or remotely to an authentication service/framework. (See documentation to configure in either of the modes).

The getRequirements() and submitRequirements() are used to pass the user credentials for authentication by the plugin modules,getStatus() returns the authentication status.

It should be serializable as a requirement to be stored in HttpSession.

See Also:

  • Constructor Summary

    Constructors
    Constructor
    Description
    AuthContextLocal(String orgName)
    Creates AuthContextLocal instance is obtained for a given organization name, or sub organization name.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    abort()
    Terminates an ongoing login call that has not yet completed.
    AuthLoginException
    getLoginException()
    Returns login exception, if any, during the authentication process.
    Set
    getModuleInstanceNames()
    Returns authentication module/s instances(or) plugin(s) configured for an organization, or sub-organization that was set during the AuthContext constructor.
    String
    getOrganizationName()
    Returns the the organization name that was set during the AuthContextLocal constructor.
    Callback[]
    getRequirements()
    Returns an array of Callback objects that must be populated by the user and returned back.
    Callback[]
    getRequirements(boolean noFilter)
    Returns an array of Callback objects that must be populated by the user and returned back.
    SSOToken
    getSSOToken()
    Returns the Single-Sign-On (SSO) Token for the authenticated user.Single-Sign-On token can be used as the authenticated token.
    AuthContext.Status
    getStatus()
    Returns the current status of the authentication process.
    Subject
    getSubject()
    Returns the set of Principals the user has been authenticated as.
    boolean
    hasMoreRequirements()
    Checks if the login process requires more information from the user to complete the authentication.
    void
    login()
    Starts the login process for the given AuthContextLocal object.
    void
    login(AuthContext.IndexType type, String indexName)
    Start the login process for the AuthContextLocal object identified by the index type and index name.
    void
    login(Principal principal, char[] password)
    Starts the login process for the given AuthContextLocals object for the given Principal and the user's password.
    void
    login(Subject subject)
    Starts the login process for the given AuthContextLocal object for the given Subject.
    void
    logout()
    Logs out the user and also invalidates the SSOToken associated with this AuthContextLocal.
    void
    submitRequirements(Callback[] info)
    Submit the populated Callback objects to the authentication plug-in modules.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • AuthContextLocal

      @Supported public AuthContextLocal(String orgName)
      Creates AuthContextLocal instance is obtained for a given organization name, or sub organization name. login method is then used to start the authentication process.
      Parameters:
      orgName - name of the user's organization.

  • Method Details

    • getModuleInstanceNames

      @Supported public Set getModuleInstanceNames()
      Returns authentication module/s instances(or) plugin(s) configured for an organization, or sub-organization that was set during the AuthContext constructor.
      Returns:
      authentication module/s instances (or plugins).
      Throws:
      UnsupportedOperationException - if an error occurred.

    • login

      @Supported public void login() throws AuthLoginException
      Starts the login process for the given AuthContextLocal object.
      Throws:
      AuthLoginException - if an error occurred during login.

    • login

      @Supported public void login(Principal principal, char[] password) throws AuthLoginException
      Starts the login process for the given AuthContextLocals object for the given Principal and the user's password. This method should be called primarily when the authenticator knows there would no other credentials needed to complete the authentication process.
      Parameters:
      principal - Principal of the user to be authenticated.
      password - password for the user.
      Throws:
      AuthLoginException - if an error occurred during login.

    • login

      @Supported public void login(AuthContext.IndexType type, String indexName) throws AuthLoginException
      Start the login process for the AuthContextLocal object identified by the index type and index name. The IndexType defines the possible kinds of "objects" or "resources" for which an authentication can be performed. Currently supported index types are users, roles, services (or application), levels and mechanism.
      Parameters:
      type - authentication index type.
      indexName - authentication index name.
      Throws:
      AuthLoginException - if an error occurred during login.

    • login

      @Supported public void login(Subject subject) throws AuthLoginException
      Starts the login process for the given AuthContextLocal object for the given Subject. Refer to JAAS for description on Subject.
      Parameters:
      subject - Subject of the user to be authenticated.
      Throws:
      AuthLoginException - if an error occurred during login.

    • getSubject

      @Supported public Subject getSubject()
      Returns the set of Principals the user has been authenticated as. This should be invoked only after successful authentication. If the authentication fails or the authentication is in process, this will return null.
      Returns:
      The set of Principals the user has been authenticated as.

    • hasMoreRequirements

      @Supported public boolean hasMoreRequirements()
      Checks if the login process requires more information from the user to complete the authentication.
      Returns:
      true if more credentials are required from the user.

    • getRequirements

      @Supported public Callback[] getRequirements()
      Returns an array of Callback objects that must be populated by the user and returned back. These objects are requested by the authentication plug-ins, and these are usually displayed to the user. The user then provides the requested information for it to be authenticated.
      Returns:
      an array of Callback objects requesting credentials from user.

    • getRequirements

      @Supported public Callback[] getRequirements(boolean noFilter)
      Returns an array of Callback objects that must be populated by the user and returned back. These objects are requested by the authentication plug-ins, and these are usually displayed to the user. The user then provides the requested information for it to be authenticated.
      Parameters:
      noFilter - flag to indicate if there is a Filter
      Returns:
      an array of Callback objects requesting credentials from user.

    • submitRequirements

      @Supported public void submitRequirements(Callback[] info)
      Submit the populated Callback objects to the authentication plug-in modules. Called after getRequirements method and obtaining user's response to these requests.
      Parameters:
      info - array of Callback objects

    • logout

      @Supported public void logout() throws AuthLoginException
      Logs out the user and also invalidates the SSOToken associated with this AuthContextLocal.
      Throws:
      AuthLoginException - if an error occurred during logout

    • getLoginException

      @Supported public AuthLoginException getLoginException()
      Returns login exception, if any, during the authentication process. Typically set when the login fails.
      Returns:
      login exception.

    • getStatus

      @Supported public AuthContext.Status getStatus()
      Returns the current status of the authentication process.
      Returns:
      the current status of the authentication process.

    • getSSOToken

      @Supported public SSOToken getSSOToken()
      Returns the Single-Sign-On (SSO) Token for the authenticated user.Single-Sign-On token can be used as the authenticated token.
      Returns:
      single-sign-on token

    • getOrganizationName

      @Supported public String getOrganizationName()
      Returns the the organization name that was set during the AuthContextLocal constructor.
      Returns:
      Organization name.

    • abort

      @Supported public void abort() throws AuthLoginException
      Terminates an ongoing login call that has not yet completed.
      Throws:
      AuthLoginException - if an error occurred during abort.