javax.security.auth.message.config: abstract public class: AuthConfigFactory

javax.security.auth.message.config
abstract public class: AuthConfigFactory [javadoc | source]

java.lang.Object
   javax.security.auth.message.config.AuthConfigFactory

This class is used to obtain AuthConfigProvider objects that can be used to obtain authentication context configuration objects, i.e., ClientAuthConfig and ServerAuthConfig objects. Authentication context configuration objects are used to obtain authentication context objects. Authentication context objects, i.e., ClientAuthContext and ServerAuthContex objects encapsulate authentication modules. Authentication modules are pluggable components that perform security-related processing of request and response messages.

Callers do not operate on modules directly. Instead they rely on an authentication context to manage the invocation of modules. A caller obtains an authentication context by calling the getAuthContext method on a ClientAuthConfig or ServerAuthConfig obtained from an AuthConfigProvider.

The following represents a typical sequence of calls for obtaining a client authentication context, and then using it to secure a request.

AuthConfigFactory factory = AuthConfigFactory.getFactory();
AuthConfigProvider provider = factory.getConfigProvider(layer,appID,null);
ClientAuthConfig config = provider.getClientAuthConfig(layer,appID,cbh)
String operation = config.getOperation(authParam);
ClientAuthContext context = config.getAuthContext(operation,properties);
context.secureRequest(authParam,subject,...);

A system-wide AuthConfigFactory implementation can be set by invoking setFactory, and retrieved via getFactory.

Every implementation of this abstract class must offer a public, zero argument constructor. This constructor must support the construction and registration of AuthConfigProviders from a persistent declarative representation.

For example, a factory implementation class could interpret the contents of a file containing a sequence of configuration entries, with one entry per AuthConfigProvider, with each entry representing the following 5 values:

the fully qualified name of the provider implementation class
the pathname of the provider initialization file
the message layer name
the application context identifier
the registration description

A value would be required for the implementation class. The remaining values could be optional, and when specified, the contents of the provider initialization file could be required to conform to the syntax defined by http://java.sun.com/dtd/properties.dtd (which can be loaded into a Properties object).

author:

 -  href="mailto:Anil.Saldhana@jboss.org">Anil Saldhana

author: Charlie -  Lai, Ron Monzillo (Javadoc for JSR-196)

since: May -  12, 2006

version: $ - Revision: 64016 $










    
Nested Class Summary:
public static interface   AuthConfigFactory.RegistrationContext   Represents the layer identifier, application context identifier., and description 
components of an AuthConfigProvider registration at the factory 






    
Field Summary
static final   String  DEFAULT_FACTORY_SECURITY_PROPERTY    The default AuthConfigFactory implementation 











    
Constructor:
 public AuthConfigFactory() {

}









    Method from javax.security.auth.message.config.AuthConfigFactory Summary:

detachListener,   getConfigProvider,   getFactory,   getRegistrationContext,   getRegistrationIDs,   refresh,   registerConfigProvider,   registerConfigProvider,   removeRegistration,   setFactory
Methods from java.lang.Object:

clone,   equals,   finalize,   getClass,   hashCode,   notify,   notifyAll,   toString,   wait,   wait,   wait
Method from javax.security.auth.message.config.AuthConfigFactory Detail:
 abstract public String[] detachListener(RegistrationListener listener,
    String layer,
    String appContext)Disassociate the listener from all the provider registrations whose layer and 
appContext values are matched by the corresponding arguments to this method.
 abstract public AuthConfigProvider getConfigProvider(String layer,
    String appContext,
    RegistrationListener listener)Get a registered AuthConfigProvider from the factory. Get the provider of 
ServerAuthConfig and/or ClientAuthConfig objects registered for the identified 
message layer and application context.
 public static AuthConfigFactory getFactory() {
      //Validate the caller permission
      SecurityManager sm = System.getSecurityManager();
      if (sm != null)
         sm.checkPermission(new SecurityPermission("getFactory"));
      if (_factory == null)
      {
         String factoryName = null;
         Class clazz = null;
         try
         {
            LoadAction action = new LoadAction();
            try
            {
               clazz = (Class) AccessController.doPrivileged(action);
               factoryName = action.getName();
            }
            catch (PrivilegedActionException ex)
            {
               factoryName = action.getName();
               Exception e = ex.getException();
               if (e instanceof ClassNotFoundException)
                  throw (ClassNotFoundException) e;
               else
                  throw new IllegalStateException("Failure during load of class: " + action.getName() + e);
            }
            _factory = (AuthConfigFactory) clazz.newInstance();
         }
         catch (ClassNotFoundException e)
         {
            String msg = "Failed to find AuthConfigFactory : " + factoryName;
            IllegalStateException ise = new IllegalStateException(msg);
            ise.initCause(e);
            throw ise;
         }
         catch (IllegalAccessException e)
         {
            String msg = "Unable to access class : " + factoryName;
            IllegalStateException ise = new IllegalStateException(msg);
            ise.initCause(e);
            throw ise;
         }
         catch (InstantiationException e)
         {
            String msg = "Failed to create instance of: " + factoryName;
            IllegalStateException ise = new IllegalStateException(msg);
            ise.initCause(e);
            throw ise;
         }
         catch (ClassCastException e)
         {
            StringBuffer msg = new StringBuffer(factoryName + " Is not a AuthConfigFactory, ");
            msg.append("ACF.class.CL: "+ AuthConfigFactory.class.getClassLoader());
            msg.append("\nACF.class.CS: " + AuthConfigFactory.class.getProtectionDomain().getCodeSource());
            msg.append("\nACF.class.hash: "+System.identityHashCode(AuthConfigFactory.class));
            msg.append("\nclazz.CL: "+clazz.getClassLoader());
            msg.append("\nclazz.CS: "+clazz.getProtectionDomain().getCodeSource());
            msg.append("\nclazz.super.CL: "+clazz.getSuperclass().getClassLoader());
            msg.append("\nclazz.super.CS: "+clazz.getSuperclass().getProtectionDomain().getCodeSource());
            msg.append("\nclazz.super.hash: "+System.identityHashCode(clazz.getSuperclass()));
            ClassCastException cce = new ClassCastException(msg.toString());
            cce.initCause(e);
            throw cce;
         }
      }
      return _factory;
}
Get the system-wide AuthConfigFactory implementation.
If a non-null system-wide factory instance is defined at the time of the call, 
e.g., with setfactory, it will be returned. Otherwise, an attempt will be made to 
construct an instance of the default AuthConfigFactory implementation class. The 
fully qualified class name of the default factory implementation class is obtained
from the value of the �authconfigprovider.factory� security property.  When an 
instance of the defaultfactory implementation class is successfully constructed by 
this method, this method will set it as the system-wide factory instance.
 abstract public RegistrationContext getRegistrationContext(String registrationID)
 abstract public String[] getRegistrationIDs(AuthConfigProvider provider)
 abstract public  void refresh() throws AuthException, SecurityException
 abstract public String registerConfigProvider(AuthConfigProvider provider,
    String layer,
    String appContext,
    String description)
 abstract public String registerConfigProvider(String className,
    Map properties,
    String layer,
    String appContext,
    String description) throws AuthException, SecurityException
 abstract public boolean removeRegistration(String registrationID)
 public static  void setFactory(AuthConfigFactory factory) {
 
      _factory = factory;
}