1 /* 2 * @(#)JMXAuthenticator.java 1.13 03/12/19 3 * 4 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 5 * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. 6 */ 7 8 package javax.management.remote; 9 10 import java.security.Principal; 11 import javax.security.auth.Subject; 12 13 /** 14 * <p>Interface to define how remote credentials are converted into a 15 * JAAS Subject. This interface is used by the RMI Connector Server, 16 * and can be used by other connector servers.</p> 17 * 18 * <p>The user-defined authenticator instance is passed to the 19 * connector server in the environment map as the value of the 20 * attribute {@link JMXConnectorServer#AUTHENTICATOR}. For connector 21 * servers that use only this authentication system, if this attribute 22 * is not present or its value is <code>null</code> then no user 23 * authentication will be performed and full access to the methods 24 * exported by the <code>MBeanServerConnection</code> object will be 25 * allowed.</p> 26 * 27 * <p>If authentication is successful then an authenticated 28 * {@link Subject subject} filled in with its associated 29 * {@link Principal principals} is returned. Authorization checks 30 * will be then performed based on the given set of principals.</p> 31 * 32 * @since 1.5 33 * @since.unbundled 1.0 34 */ 35 public interface JMXAuthenticator { 36 37 /** 38 * <p>Authenticates the <code>MBeanServerConnection</code> client 39 * with the given client credentials.</p> 40 * 41 * @param credentials the user-defined credentials to be passed 42 * into the server in order to authenticate the user before 43 * creating the <code>MBeanServerConnection</code>. The actual 44 * type of this parameter, and whether it can be null, depends on 45 * the connector. 46 * 47 * @return the authenticated subject containing its associated principals. 48 * 49 * @exception SecurityException if the server cannot authenticate the user 50 * with the provided credentials. 51 */ 52 public Subject authenticate(Object credentials); 53 } 54