Home » openjdk-7 » javax.security » auth » message » config » [javadoc | source]

    1   /*
    2     * JBoss, Home of Professional Open Source
    3     * Copyright 2005, JBoss Inc., and individual contributors as indicated
    4     * by the @authors tag. See the copyright.txt in the distribution for a
    5     * full listing of individual contributors.
    6     *
    7     * This is free software; you can redistribute it and/or modify it
    8     * under the terms of the GNU Lesser General Public License as
    9     * published by the Free Software Foundation; either version 2.1 of
   10     * the License, or (at your option) any later version.
   11     *
   12     * This software is distributed in the hope that it will be useful,
   13     * but WITHOUT ANY WARRANTY; without even the implied warranty of
   14     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
   15     * Lesser General Public License for more details.
   16     *
   17     * You should have received a copy of the GNU Lesser General Public
   18     * License along with this software; if not, write to the Free
   19     * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
   20     * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
   21     */
   22   package javax.security.auth.message.config;
   23   
   24   import javax.security.auth.message.ServerAuth;
   25   
   26   /**
   27    *  <p>This ServerAuthContext class encapsulates ServerAuthModules that are used to 
   28    *     secure requests made as a client. A caller typically uses this class in the 
   29    *     following manner:</p>
   30    *   <ol>
   31    *   <li>Retrieve an instance of this class via AuthContextFactory.getAuthContext.</li> 
   32    *   <li>Invoke <i>validateRequest</i>. 
   33    *    <p>ServerAuthContext implementation invokes encapsulated ServerAuthModule(s). 
   34    *    Module(s) verify or decrypt response as necessary.</p>
   35    *    </li>
   36    *    <li><p>Authentication complete.</p>
   37    *    <p>Perform authorization check on authenticated identity and, if successful, 
   38    *    dispatch to requested service application.</p>
   39    *    </li>
   40    *    <li>Service Application Finished. </li>
   41    *    <li>Invoke <i>secureResponse</i>.<p> ServerAuthContext implementation invokes 
   42    *    encapsulated ServerAuthModule(s). Module(s) secure response (sign and encrypt 
   43    *    response, for example).</p> 
   44    *    </li>
   45    *    <li>Send final response to client.</li>
   46    *    <li>Invoke <i>disposeSubject</i> method (as necessary) to clean up any authentication 
   47    *        state in Subject.<p>A ServerAuthContext instance may be used concurrently 
   48    *        by multiple callers.</p>
   49    *    </li> 
   50    *   </ol>
   51    *   </p>
   52    *   <p>A ServerAuthContext instance may be used concurrently by multiple callers.</p>
   53    *   
   54    *   <p>Implementations of this interface are responsible for constructing and initializing 
   55    *   the encapsulated modules. The initialization step includes passing the relevant request 
   56    *   and response MessagePolicy objects to the encapsulated modules. The MessagePolicy objects 
   57    *   are obtained from the ServerAuthConfig instance that was provided when this ServerAuthContext 
   58    *   instance was created. 
   59    *   @See AuthContextFactory#getAuthContext for more information.
   60    *   </p>
   61    *   <p>Implementations also have custom logic to determine what modules to invoke, and in 
   62    *   what order. In addition, this custom logic may control whether subsequent modules are 
   63    *   invoked based on the success or failure of previously invoked modules.</p>
   64    *   <p>The caller is responsible for passing in a state Map that can be used by underlying 
   65    *   modules to save and communicate state across a sequence of calls from secureRequest to 
   66    *   validateResponse to disposeSubject. The same Map instance must be passed to all methods 
   67    *   in the call sequence. Furthermore, each call sequence should be passed its own unique 
   68    *   shared state Map instance.</p>
   69    *   
   70    *  @author <a href="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
   71    *  @author Charlie Lai, Ron Monzillo (Javadoc for JSR-196)</a> 
   72    *  @since  May 12, 2006 
   73    *  @version $Revision: 45179 $
   74    */
   75   public interface ServerAuthContext extends ServerAuth
   76   {
   77   }

Home » openjdk-7 » javax.security » auth » message » config » [javadoc | source]