Package com.sun.identity.authentication.config

Class AMAuthenticationManager

  • public class AMAuthenticationManager
extends Object
    This class provides interfaces to manage authentication module instances.

    • Constructor Detail

      • AMAuthenticationManager

        public AMAuthenticationManager​(SSOToken token,
                               String org)
                        throws AMConfigurationException
        Constructs an instance of AMAuthenticationManager for the specified realm to manage the authentication module instances available to this realm.
        Parameters:
        token - Single sign on token of the user identity on whose behalf the operations are performed.
        org - The realm in which the module instance management is performed.
        Throws:
        AMConfigurationException - if Service Management related error occurs.

    • Method Detail

      • reInitializeAuthServices

        public static void reInitializeAuthServices()
        Re-initializes the module services. This method is meant for global authentication configuration change.

      • getAuthenticationTypes

        public static Set<String> getAuthenticationTypes()
        Returns a Set contains all the authentication types that are plugged in this server.
        Returns:
        Set of String values of the authentication types available on this server.

      • getAuthenticationServiceNames

        public static Set<String> getAuthenticationServiceNames()
        Returns a Set contains all the module service names that are plugged in this server.
        Returns:
        Set of String values of the module service names available on this server.

      • getAuthenticationServiceName

        public static String getAuthenticationServiceName​(String moduleName)
        Returns authentication service name of a module.
        Parameters:
        moduleName - Name of authentication module.
        Returns:
        authentication service name of a module.

      • updateModuleInstanceTable

        public static void updateModuleInstanceTable​(String realm,
                                             String serviceName)
        Updates the module instance table for the authentication service if the module instance table was already cached for the provided realm.
        Parameters:
        realm - The realm where the configuration has changed.
        serviceName - The authentication module's service name.

      • getAuthenticationSchema

        public AMAuthenticationSchema getAuthenticationSchema​(String authType)
                                               throws AMConfigurationException
        Returns an AMAuthenticationSchema object for the specified authentication type.
        Parameters:
        authType - Type of the authentication module instance.
        Returns:
        AMAuthenticationSchema object of the specified authentication type.
        Throws:
        AMConfigurationException - if error occurred during retrieving the service schema.

      • getAuthenticationInstance

        public AMAuthenticationInstance getAuthenticationInstance​(String authName)
        Returns the AMAuthenticationInstance object whose name is as specified. Name uniqueness is required for the instances among the same realm, as well as the instances that are available to this realm.
        Parameters:
        authName - Authentication instance name.
        Returns:
        The AMAuthenticationInstance object that is associated with the authentication instance name.

      • getAuthInstanceType

        public String getAuthInstanceType​(String authName)
        Returns the type of the authentication module instance with the specified instance name.

      • getModuleInstanceNames

        public Set<String> getModuleInstanceNames​(String aModuleType)
        Returns a Set of all registered module instance names for a module type, including both the old instances from 6.3 DIT and the new instances in 7.0.

      • getAllowedModuleNames

        public Set<String> getAllowedModuleNames()
        Returns a Set of module instance names that is allowed for this organization. Since this is only needed for 6.3 and earlier, for 7.0 it returns an empty set.
        Returns:
        a Set of String values for module instance names.

      • getAuthenticationInstances

        public Set<AMAuthenticationInstance> getAuthenticationInstances()
        Returns the authentication module instances that are available to this realm except the Application instance which is for internal use only.
        Returns:
        A Set of AMAuthenticationInstance objects that are available to this realm.

      • createAuthenticationInstance

        public AMAuthenticationInstance createAuthenticationInstance​(String name,
                                                             String type,
                                                             Map attributes)
                                                      throws AMConfigurationException
        Creates an AMAuthenticationInstance instance with the specified parameters.
        Parameters:
        name - Name of the authentication module instance.
        type - Type of the authentication module instance.
        attributes - A Map of parameters for this module instance.
        Returns:
        AMAuthenticationInstance object is newly created.
        Throws:
        AMConfigurationException - if error occurred during the authentication creation.

      • deleteAuthenticationInstance

        public void deleteAuthenticationInstance​(String name)
                                  throws AMConfigurationException
        Deletes a specified authentication module instance.
        Parameters:
        name - Name of the authentication module instance going to be deleted.
        Throws:
        AMConfigurationException - if it fails to delete the authentication instance.

      • isEditable

        public boolean isEditable​(AMAuthenticationInstance instance)
        Returns true if this authentication module instance editable by this user and/or in this realm.
        Parameters:
        instance - The authentication module instance.
        Returns:
        true if editable.