com.sun.identity.authentication.internal

Class AuthContext

java.lang.Object

com.sun.identity.authentication.internal.AuthContext

public final class AuthContext
extends Object

The AuthContext provides the implementation for authenticating users using the JAAS technology. It complements LoginContext provided by JAAS by supporting organization environments that cannot handle sessions, for example, HTTP/HTML.

A typical caller instantiates this class and starts the login process. The caller then obtains an array of Callback objects, which contains the information required by the authentication plug-in module. The caller requests information from the user. On receiving the information from the user, the caller submits the same to this class. If more information is required, the above process continues until all the information required by the plug-ins has been supplied. The caller then checks if the user has successfully been authenticated. If successfully authenticated, the caller can then get the Subject for the user; if not successfully authenticated, the caller obtains the LoginException.

Field Summary

Fields

Modifier and Type	Field and Description
protected String	applicationName
static int	AUTH_COMPLETED This login status indicates that the user has been successfully logged out.
static int	AUTH_FAILED This login status indicates that the login process has failed.
static int	AUTH_IN_PROGRESS This login status indicates that the login process is in progress.
static int	AUTH_NOT_STARTED This login status indicates that the login process has not started yet.
static int	AUTH_SUCCESS This login status indicates that the login process has succeeded.
protected String	authComponentName
protected static Debug	authDebug
protected static String	authDebugName
protected static String	authKeyName
protected Callback[]	informationRequired
protected LoginContext	loginContext
protected LoginException	loginException
protected int	loginStatus
protected AuthLoginThread	loginThread
protected static I18n	myAuthI18n
protected String	organizationName
protected Callback[]	submittedInformation
protected SSOToken	token

Constructor Summary

Constructors

Modifier	Constructor and Description
	AuthContext() Constructor to get an instance of AuthContext.
	AuthContext(Principal principal, char[] password) Constructor to get an authenticated instance of this class given the java.security.Principal the user would like to be authenticated as, and the password for the user.
	AuthContext(Principal principal, char[] password, String hostname, int port)
	AuthContext(String orgName) Constructor to get an instance of this class given the organization name orgName.
protected	AuthContext(String orgName, AuthSubject subject) Constructor to get an instance of this class given the organization name orgName the user would like to access, and the principal's subject the user would like to be authenticated as.
	AuthContext(String orgName, Principal principal, char[] password) Constructor to get an instance of this class given the organization name orgName the user would like to access, the java.security.Principal the user would like to be authenticated as, and the password for the user.

Method Summary

Modifier and Type	Method and Description
protected String	getApplicationName()
AuthPrincipal	getAuthPrincipal() Deprecated. Use getPrincipal() instead
LoginException	getLoginException() Returns login exception, if any, during the authentication process.
int	getLoginStatus() Returns the current state of the login process.
String	getOrganizationName() Method to get organization name that was set during construction of this instance.
Principal	getPrincipal() Returns the (first) AuthPrincipal in the Subject.
protected Set	getPrincipals() Method to get the set of AuthPrincipals in the Subject.
Callback[]	getRequirements() Returns an array of Callback objects that must be populated by the user and returned back.
SSOToken	getSSOToken() Method to get the Single-Sign-On (SSO) Token.
protected AuthSubject	getSubject() Returns the set of Principals the user has been authenticated as.
boolean	hasMoreRequirements() Returns true if the login process requires more information from the user to complete the authentication.
void	logout() Logs the user out.
protected void	reset() Method to reset this instance of AuthContext object, so that a new login process can be initiated.
protected void	reset(AuthSubject subject) Method to reset this instance of AuthContext object, so that a new login process can be initiated for the given Subject.
protected void	setLoginStatus(int status) Method to set the login status.
void	startLogin() Method to start the login process.
void	submitRequiredInformation(Callback[] info) Submits the populated Callback objects to the authentication plug-in modules.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUTH_NOT_STARTED

public static final int AUTH_NOT_STARTED

This login status indicates that the login process has not started yet. Basically, it means that the method startLogin has not been called.

See Also:

Constant Field Values

AUTH_IN_PROGRESS

public static final int AUTH_IN_PROGRESS

This login status indicates that the login process is in progress. Basically, it means that the startLogin method has been called and that this object is waiting for the user to send authentication information.

See Also:

Constant Field Values

AUTH_SUCCESS

public static final int AUTH_SUCCESS

This login status indicates that the login process has succeeded.

See Also:

Constant Field Values

AUTH_FAILED

public static final int AUTH_FAILED

This login status indicates that the login process has failed.

See Also:

Constant Field Values

AUTH_COMPLETED

public static final int AUTH_COMPLETED

This login status indicates that the user has been successfully logged out.

See Also:

Constant Field Values

authComponentName

protected final String authComponentName

See Also:

Constant Field Values

authKeyName

protected static final String authKeyName

See Also:

Constant Field Values

authDebugName

protected static final String authDebugName

See Also:

Constant Field Values

authDebug

protected static Debug authDebug

organizationName

protected String organizationName

applicationName

protected String applicationName

loginStatus

protected int loginStatus

loginException

protected LoginException loginException

informationRequired

protected Callback[] informationRequired

submittedInformation

protected Callback[] submittedInformation

loginThread

protected AuthLoginThread loginThread

loginContext

protected LoginContext loginContext

token

protected SSOToken token

myAuthI18n

protected static I18n myAuthI18n

Constructor Detail

AuthContext

public AuthContext()
            throws LoginException

Constructor to get an instance of AuthContext. Caller would then use getRequirements() and submitRequirements() to pass the credentials needed for authentication by the plugin modules.

Throws:

LoginException

AuthContext

public AuthContext(Principal principal,
                   char[] password)
            throws LoginException

Constructor to get an authenticated instance of this class given the java.security.Principal the user would like to be authenticated as, and the password for the user.

Parameters:

principal - name of the user to be authenticated

password - password for the user

Throws:

LoginException

AuthContext

public AuthContext(Principal principal,
                   char[] password,
                   String hostname,
                   int port)
            throws LoginException

Throws:

LoginException

AuthContext

public AuthContext(String orgName,
                   Principal principal,
                   char[] password)
            throws LoginException

Constructor to get an instance of this class given the organization name orgName the user would like to access, the java.security.Principal the user would like to be authenticated as, and the password for the user.

Parameters:

orgName - name of the user's organization

principal - name of the user to be authenticated

password - password for the user

Throws:

LoginException

AuthContext

protected AuthContext(String orgName,
                      AuthSubject subject)
               throws LoginException

Constructor to get an instance of this class given the organization name orgName the user would like to access, and the principal's subject the user would like to be authenticated as.

Throws:

LoginException

AuthContext

public AuthContext(String orgName)
            throws LoginException

Constructor to get an instance of this class given the organization name orgName. The plug-in modules would then query for the user name and related information.

Parameters:

orgName - organization name.

Throws:

LoginException

Method Detail

reset

protected void reset()
              throws LoginException

Method to reset this instance of AuthContext object, so that a new login process can be initiated. Authenticates the user to the same organization or resource this object was instantiated with. If this object was instantiated with a Subject, it will be ignored.

Throws:

LoginException

reset

protected void reset(AuthSubject subject)
              throws LoginException

Method to reset this instance of AuthContext object, so that a new login process can be initiated for the given Subject. Authenticates the user to the same organization or resource this object was instantiated with.

Throws:

LoginException

getSubject

protected AuthSubject getSubject()

Returns the set of Principals the user has been authenticated as. This can be invoked only after successful authentication. If the authentication fails, this will return null.

startLogin

public void startLogin()
                throws LoginException

Method to start the login process. This method will read the plug-ins configured for the application and initialize them.

Throws:

LoginException

hasMoreRequirements

public boolean hasMoreRequirements()

Returns true if the login process requires more information from the user to complete the authentication.

Returns:

true if the login process requires more information from the user to complete the authentication.

getRequirements

public Callback[] getRequirements()

Returns an array of Callback objects that must be populated by the user and returned back. These objects are requested by the authentication plug-ins, and these are usually displayed to the user. The user then provides the requested information for it to be authenticated.

Returns:

an array of Callback objects that must be populated by the user and returned back.

submitRequiredInformation

public void submitRequiredInformation(Callback[] info)

Submits the populated Callback objects to the authentication plug-in modules. Called after getInformationRequired method and obtaining user's response to these requests.

Parameters:

info - array of Callback objects.

logout

public void logout()
            throws LoginException

Logs the user out.

Throws:

LoginException

getLoginException

public LoginException getLoginException()

Returns login exception, if any, during the authentication process. Typically set when the login fails.

Returns:

login exception.

getLoginStatus

public int getLoginStatus()

Returns the current state of the login process. Possible states are listed above.

Returns:

the current state of the login process.

setLoginStatus

protected void setLoginStatus(int status)

Method to set the login status. Used internally and not visible outside this package.

getPrincipal

public Principal getPrincipal()

Returns the (first) AuthPrincipal in the Subject. Returns the first Principal, if more than one exists.

Returns:

the (first) AuthPrincipal in the Subject.

getAuthPrincipal

public AuthPrincipal getAuthPrincipal()

Deprecated. Use getPrincipal() instead

Method to get the (first) AuthPrincipal in the Subject. Returns the first Principal, if more than one exists.

getPrincipals

protected Set getPrincipals()

Method to get the set of AuthPrincipals in the Subject.

getOrganizationName

public String getOrganizationName()

Method to get organization name that was set during construction of this instance.

Returns:

organization name; null if it was not initialized during construction of this instance

getApplicationName

protected String getApplicationName()

getSSOToken

public SSOToken getSSOToken()
                     throws InvalidAuthContextException

Method to get the Single-Sign-On (SSO) Token. This token can be used as the authenticated token.

Returns:

single-sign-on token.

Throws:

InvalidAuthContextException