KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sun > enterprise > security > jauth > ClientAuthModule


1 /*
2  * The contents of this file are subject to the terms
3  * of the Common Development and Distribution License
4  * (the License). You may not use this file except in
5  * compliance with the License.
6  *
7  * You can obtain a copy of the license at
8  * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9  * glassfish/bootstrap/legal/CDDLv1.0.txt.
10  * See the License for the specific language governing
11  * permissions and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL
14  * Header Notice in each file and include the License file
15  * at glassfish/bootstrap/legal/CDDLv1.0.txt.
16  * If applicable, add the following below the CDDL Header,
17  * with the fields enclosed by brackets [] replaced by
18  * you own identifying information:
19  * "Portions Copyrighted [year] [name of copyright owner]"
20  *
21  * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22  */
23
24 package com.sun.enterprise.security.jauth;
25
26 import java.util.Map JavaDoc;
27 import javax.security.auth.Subject JavaDoc;
28 import javax.security.auth.login.Configuration JavaDoc;
29 import javax.security.auth.callback.CallbackHandler JavaDoc;
30
31 /**
32  * This interface describes a module that can be configured
33  * for a ClientAuthContext. The main purpose of this module
34  * is to secure requests and to validate received responses.
35  *
36  * <p> A module implementation must assume it may be used
37  * to issue different requests as different clients.
38  * It is the module implementation's responsibility to properly
39  * store and restore any state as necessary.
40  * A module that does not need to do so
41  * may remain completely stateless.
42  *
43  * <p> Modules are passed a shared state Map that can be used
44  * to save state across a sequence of calls from <code>secureRequest</code>
45  * to <code>validateResponse</code> to <code>disposeSubject</code>.
46  * The same Map instance is guaranteed to be passed to all methods
47  * in the call sequence. Furthermore, it should be assumed that
48  * each call sequence is passed its own unique shared state Map instance.
49  *
50  * @version %I%, %G%
51  */
52 public interface ClientAuthModule {
53
54     /**
55      * Initialize this module with a policy to enforce,
56      * a CallbackHandler, and administrative options.
57      *
58      * <p> Either the the request policy or the response policy (or both)
59      * must be non-null.
60      *
61      * @param requestPolicy the request policy this module is to enforce,
62      * which may be null.
63      *
64      * @param responsePolicy the response policy this module is to enforce,
65      * which may be null.
66      *
67      * @param handler CallbackHandler used to request information
68      * from the caller.
69      *
70      * @param options administrative options.
71      */
72     void initialize(AuthPolicy requestPolicy,
73         AuthPolicy responsePolicy,
74         CallbackHandler JavaDoc handler,
75         Map JavaDoc options);
76
77     /**
78      * Secure a request message.
79      *
80      * <p> Attach authentication credentials to an initial request,
81      * sign/encrypt a request, or respond to a server challenge, for example.
82      *
83      * @param param an authentication parameter that encapsulates the
84      * client request and server response objects.
85      *
86      * @param subject the subject may be used by configured modules
87      * to obtain Principals and credentials necessary to
88      * secure the request, or null. If null, the module may
89      * use a CallbackHandler to obtain any information necessary
90      * to secure the request.
91      *
92      * @param sharedState a Map for modules to save state across
93      * a sequence of calls from <code>secureRequest</code>
94      * to <code>validateResponse</code> to <code>disposeSubject</code>.
95      *
96      * @exception AuthException if the operation failed.
97      */
98     void secureRequest(AuthParam param,
99             Subject JavaDoc subject,
100             Map JavaDoc sharedState)
101         throws AuthException;
102
103     /**
104      * Validate received response.
105      *
106      * <p> Validation may include verifying signature in response,
107      * or decrypting response contents, for example.
108      *
109      * @param param an authentication parameter that encapsulates the
110      * client request and server response objects.
111      *
112      * @param subject the subject may be used by configured modules
113      * to store the Principals and credentials related
114      * to the identity validated in the response.
115      *
116      * @param sharedState a Map for modules to save state across
117      * a sequence of calls from <code>secureRequest</code>
118      * to <code>validateResponse</code> to <code>disposeSubject</code>.
119      *
120      * @exception AuthException if the operation failed.
121      */
122     void validateResponse(AuthParam param,
123             Subject JavaDoc subject,
124             Map JavaDoc sharedState)
125         throws AuthException;
126
127     /**
128      * Dispose of the Subject.
129      *
130      * <p> Remove Principals or credentials from the Subject object
131      * that were stored during <code>validateResponse</code>.
132      *
133      * @param subject Subject instance to be disposed.
134      *
135      * @param sharedState a Map for modules to save state across
136      * a sequence of calls from <code>secureRequest</code>
137      * to <code>validateResponse</code> to <code>disposeSubject</code>.
138      *
139      * @exception AuthException if the operation failed.
140      */
141     void disposeSubject(Subject JavaDoc subject, Map JavaDoc sharedState)
142         throws AuthException;
143 }
144
Popular Tags