wt.auth
Class AuthenticationServer

java.lang.Object
  wt.auth.AuthenticationServer

public abstract class AuthenticationServer

extends Object

Authentication service. This class works in conjunction with a set of AuthenticationHandler objects, an Authenticator object and MethodAuthenticator objects to securely establish the identity of a client. The AuthenticationHandler objects are responsible for authentication schemes and initially identifying the user. The Authenticator and MethodAuthenticator objects are responsible for securely associating that identity with subsequent calls.

A typical scenario involves this class throwing an AuthenticationException that includes a bootstraping MethodAuthenticator object. This MethodAuthenticator object executes on the client to perform a secure login. This activity results in the creation of a second MethodAuthenticator object that can endorse client method calls in a way that be securely verified by the Authenticator class.

Supported API: true

Field Summary

private static Authenticator	AUTHENTICATOR
private static AuthenticationHandler[]	HANDLERS
private static boolean	REAUTH_ALLOWED
private static String	RESOURCE
private static boolean	TO_LOWER_CASE
private static boolean	VERBOSE_SERVER

Constructor Summary

private

AuthenticationServer()

Method Summary

static boolean	enabled(Class handler) Check if given authentication handler is enabled.
static MethodAuthenticator	getBootstrapAuthenticator() Get a bootstrap MethodAuthenticator capable of identifying the user.
static MethodAuthenticator	getBootstrapAuthenticator(String session_id) Get a bootstrap MethodAuthenticator capable of identifying the user for a given session.
static String	getUserName() Get authenticated user name for the current thread.
static MethodAuthenticator	init(MethodAuthenticator authenticator) Initialization method called from bootstrapping authenticator's init method.
static MethodAuthenticator	newMethodAuthenticator(String user) Create a new MethodAuthenticator object that will associate the given user name to endorsed method calls.
static MethodAuthenticator	newMethodAuthenticator(String user, String session_id) Create a new MethodAuthenticator object that will associate the given user name to endorsed method calls.
static void	reauthenticateUser() Re-authenticate the user name for the current thread.
static void	setUserName(String user) Set authenticated user name for the current thread.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

RESOURCE

private static final String RESOURCE

See Also:

Constant Field Values

VERBOSE_SERVER

private static final boolean VERBOSE_SERVER

HANDLERS

private static final AuthenticationHandler[] HANDLERS

AUTHENTICATOR

private static final Authenticator AUTHENTICATOR

TO_LOWER_CASE

private static final boolean TO_LOWER_CASE

REAUTH_ALLOWED

private static final boolean REAUTH_ALLOWED

Constructor Detail

AuthenticationServer

private AuthenticationServer()

Method Detail

getBootstrapAuthenticator

public static MethodAuthenticator getBootstrapAuthenticator()

Get a bootstrap MethodAuthenticator capable of identifying the user.

Supported API: true

Returns:

MethodAuthenticator object

getBootstrapAuthenticator

public static MethodAuthenticator getBootstrapAuthenticator(String session_id)

Get a bootstrap MethodAuthenticator capable of identifying the user for a given session.

Supported API: true

Parameters:

session_id - a string identifying the session to be authenticated

Returns:

MethodAuthenticator object

getUserName

public static String getUserName()

Get authenticated user name for the current thread. If the client has not yet been authenticated, this may result in a MethodAuthenticator object being thrown back to the client to perform a secure login.

Supported API: true

Returns:

the authenticated user name

setUserName

public static void setUserName(String user)

Set authenticated user name for the current thread. This will override any current authentication context with one for the given user.

Supported API: true

init

public static MethodAuthenticator init(MethodAuthenticator authenticator)

Initialization method called from bootstrapping authenticator's init method. It can be used to convert bootstrapping authenticator into a real one or to send back another bootstrapping authenticator if the current one failed and there are other login mechanisms available.

Supported API: true

Parameters:

authenticator - the MethodAuthenticator being initialized

Returns:

replacement MethodAuthenticator

newMethodAuthenticator

public static MethodAuthenticator newMethodAuthenticator(String user)

Create a new MethodAuthenticator object that will associate the given user name to endorsed method calls.

Supported API: true

Parameters:

user - the authenticated user name

Returns:

MethodAuthenticator object

newMethodAuthenticator

public static MethodAuthenticator newMethodAuthenticator(String user,
                                                         String session_id)

Create a new MethodAuthenticator object that will associate the given user name to endorsed method calls.

Supported API: true

Parameters:

user - the authenticated user name

Returns:

MethodAuthenticator object

enabled

public static boolean enabled(Class handler)

Check if given authentication handler is enabled.

Supported API: true

Parameters:

handler - the AuthenticationHandler class

Returns:

true if the given handler class is currently enabled

reauthenticateUser

public static void reauthenticateUser()

Re-authenticate the user name for the current thread. This will result in a MethodAuthenticator object being thrown back to the client to perform a secure login.

Supported API: true

Returns:

the authenticated user name