Class SimpleServerAuthContext

java.lang.Object

org.apache.catalina.authenticator.jaspic.SimpleServerAuthContext

All Implemented Interfaces:

ServerAuthContext, ServerAuth

public class SimpleServerAuthContext
extends Object
implements ServerAuthContext

Basic implementation primarily intended for use when using third-party ServerAuthModule implementations that only provide the module. This implementation supports multiple modules and will treat the user as authenticated if any one module is able to authenticate the user.

Constructor Summary

Constructors

Constructor	Description
SimpleServerAuthContext(List<ServerAuthModule> modules)	Creates a new SimpleServerAuthContext.

Method Summary

Modifier and Type	Method	Description
void	cleanSubject(MessageInfo messageInfo, Subject subject)	Remove principals and/or credentials from the subject that were previously added by this authentication mechanism.
AuthStatus	secureResponse(MessageInfo messageInfo, Subject serviceSubject)	Secure (authenticate) the response.
AuthStatus	validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject)	Validate the request.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SimpleServerAuthContext

public SimpleServerAuthContext(List<ServerAuthModule> modules)

Creates a new SimpleServerAuthContext.

Parameters:

modules - List of ServerAuthModule instances to use for authentication

Method Details

validateRequest

public AuthStatus validateRequest(MessageInfo messageInfo,
 Subject clientSubject,
 Subject serviceSubject)
                           throws AuthException

Validate the request.

Iterates through the configured modules and returns the first result that is not SEND_FAILURE.

Specified by:

validateRequest in interface ServerAuth

Parameters:

messageInfo - The associated request and response

clientSubject - The subject that represents the source of the request

serviceSubject - The subject that represents the recipient of the request

Returns:

An AuthStatus instance that represents the result of the validation

Throws:

AuthException - If the a failure occurred in a manner that prevented the failure from being communicated via messageInfo

secureResponse

public AuthStatus secureResponse(MessageInfo messageInfo,
 Subject serviceSubject)
                          throws AuthException

Secure (authenticate) the response.

Delegates to the module that was selected during request validation.

Specified by:

secureResponse in interface ServerAuth

Parameters:

messageInfo - The associated request and response

serviceSubject - The subject that represents the source of the response

Returns:

An AuthStatus instance that represents the result of the authentication

Throws:

AuthException - If the a failure occurred in a manner that prevented the failure from being communicated via messageInfo

cleanSubject

public void cleanSubject(MessageInfo messageInfo,
 Subject subject)
                  throws AuthException

Remove principals and/or credentials from the subject that were previously added by this authentication mechanism.

Delegates to all configured modules.

Specified by:

cleanSubject in interface ServerAuth

Parameters:

messageInfo - The associated request and response

subject - The subject to clean

Throws:

AuthException - If the a failure occurred