Home » openjdk-7 » javax.security » auth » message » config » [javadoc | source]
abstract public class: AuthConfigFactory [javadoc | source]

This class is used to obtain AuthConfigProvider objects that can be used to obtain authentication context configuration objects, i.e., ClientAuthConfig and ServerAuthConfig objects. Authentication context configuration objects are used to obtain authentication context objects. Authentication context objects, i.e., ClientAuthContext and ServerAuthContex objects encapsulate authentication modules. Authentication modules are pluggable components that perform security-related processing of request and response messages.

Callers do not operate on modules directly. Instead they rely on an authentication context to manage the invocation of modules. A caller obtains an authentication context by calling the getAuthContext method on a ClientAuthConfig or ServerAuthConfig obtained from an AuthConfigProvider.

The following represents a typical sequence of calls for obtaining a client authentication context, and then using it to secure a request.

  1. AuthConfigFactory factory = AuthConfigFactory.getFactory();
  2. AuthConfigProvider provider = factory.getConfigProvider(layer,appID,null);
  3. ClientAuthConfig config = provider.getClientAuthConfig(layer,appID,cbh)
  4. String operation = config.getOperation(authParam);
  5. ClientAuthContext context = config.getAuthContext(operation,properties);
  6. context.secureRequest(authParam,subject,...);

A system-wide AuthConfigFactory implementation can be set by invoking setFactory, and retrieved via getFactory.

Every implementation of this abstract class must offer a public, zero argument constructor. This constructor must support the construction and registration of AuthConfigProviders from a persistent declarative representation.

For example, a factory implementation class could interpret the contents of a file containing a sequence of configuration entries, with one entry per AuthConfigProvider, with each entry representing the following 5 values:

A value would be required for the implementation class. The remaining values could be optional, and when specified, the contents of the provider initialization file could be required to conform to the syntax defined by http://java.sun.com/dtd/properties.dtd (which can be loaded into a Properties object).

Nested Class Summary:
public static interface  AuthConfigFactory.RegistrationContext  Represents the layer identifier, application context identifier., and description components of an AuthConfigProvider registration at the factory 
Field Summary
static final  String DEFAULT_FACTORY_SECURITY_PROPERTY    The default AuthConfigFactory implementation 
 public AuthConfigFactory() 
Method from javax.security.auth.message.config.AuthConfigFactory Summary:
detachListener,   getConfigProvider,   getFactory,   getRegistrationContext,   getRegistrationIDs,   refresh,   registerConfigProvider,   registerConfigProvider,   removeRegistration,   setFactory
Methods from java.lang.Object:
clone,   equals,   finalize,   getClass,   hashCode,   notify,   notifyAll,   toString,   wait,   wait,   wait
Method from javax.security.auth.message.config.AuthConfigFactory Detail:
 abstract public String[] detachListener(RegistrationListener listener,
    String layer,
    String appContext)
    Disassociate the listener from all the provider registrations whose layer and appContext values are matched by the corresponding arguments to this method.
 abstract public AuthConfigProvider getConfigProvider(String layer,
    String appContext,
    RegistrationListener listener)
    Get a registered AuthConfigProvider from the factory. Get the provider of ServerAuthConfig and/or ClientAuthConfig objects registered for the identified message layer and application context.
 public static AuthConfigFactory getFactory() 

    Get the system-wide AuthConfigFactory implementation.

    If a non-null system-wide factory instance is defined at the time of the call, e.g., with setfactory, it will be returned. Otherwise, an attempt will be made to construct an instance of the default AuthConfigFactory implementation class. The fully qualified class name of the default factory implementation class is obtained from the value of the �authconfigprovider.factory� security property. When an instance of the defaultfactory implementation class is successfully constructed by this method, this method will set it as the system-wide factory instance.

 abstract public RegistrationContext getRegistrationContext(String registrationID)
 abstract public String[] getRegistrationIDs(AuthConfigProvider provider)
 abstract public  void refresh() throws AuthException, SecurityException
 abstract public String registerConfigProvider(AuthConfigProvider provider,
    String layer,
    String appContext,
    String description)
 abstract public String registerConfigProvider(String className,
    Map properties,
    String layer,
    String appContext,
    String description) throws AuthException, SecurityException
 abstract public boolean removeRegistration(String registrationID)
 public static  void setFactory(AuthConfigFactory factory)