public class CMCAuth extends java.lang.Object implements AuthManager, IExtendedPluginInfo, ProfileAuthenticator
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CRED_CMC |
static org.slf4j.Logger |
logger |
protected static java.lang.String[] |
mConfigParams |
protected static java.util.Vector<java.lang.String> |
mExtendedPluginInfo |
protected static java.lang.String[] |
mRequiredCreds |
static java.lang.String |
REASON_CODE |
static java.lang.String |
TOKEN_CERT_SERIAL |
HELP_TEXT, HELP_TOKEN
AUTHENTICATED_NAME
CRED_CERT_SERIAL_TO_REVOKE, CRED_CMC_SELF_SIGNED, CRED_CMC_SIGNING_CERT, CRED_HOST_NAME, CRED_SESSION_ID, CRED_SSL_CLIENT_CERT
Constructor and Description |
---|
CMCAuth()
Default constructor, initialization must follow.
|
Modifier and Type | Method and Description |
---|---|
IAuthToken |
authenticate(IAuthCredentials authCred)
Authenticates user by their CMC;
resulting AuthToken sets a TOKEN_SUBJECT for the subject name.
|
AuthenticationConfig |
getAuthenticationConfig() |
java.lang.String[] |
getConfigParams()
Returns a list of configuration parameter names.
|
AuthManagerConfig |
getConfigStore()
gets the configuration substore used by this authentication
plug-in
|
java.lang.String[] |
getExtendedPluginInfo()
Activate the help system.
|
java.lang.String[] |
getExtendedPluginInfo(java.util.Locale locale)
This method returns an array of strings.
|
java.lang.String |
getImplName()
gets the plug-in name of this authentication plug-in.
|
java.lang.String |
getName()
gets the name of this authentication plug-in instance
|
java.lang.String |
getName(java.util.Locale locale)
Retrieves the localizable name of this policy.
|
java.lang.String[] |
getRequiredCreds()
get the list of required credentials.
|
java.lang.String |
getText(java.util.Locale locale)
Retrieves the localizable description of this policy.
|
IDescriptor |
getValueDescriptor(java.util.Locale locale,
java.lang.String name)
Retrieves the descriptor of the given value
parameter by name.
|
java.util.Enumeration<java.lang.String> |
getValueNames()
Retrieves a list of names of the value parameter.
|
void |
init(Profile profile,
IConfigStore config)
Initializes this default policy.
|
void |
init(java.lang.String name,
java.lang.String implName,
AuthManagerConfig config)
Initializes the CMCAuth authentication plug-in.
|
boolean |
isSSLClientRequired()
Checks if this authenticator requires SSL client authentication.
|
boolean |
isValueWriteable(java.lang.String name)
Checks if the value of the given property should be
serializable into the request.
|
void |
populate(IAuthToken token,
IRequest request)
Populates authentication specific information into the
request for auditing purposes.
|
void |
setAuthenticationConfig(AuthenticationConfig authenticationConfig) |
void |
shutdown()
prepares for shutdown.
|
protected IAuthToken |
verifySignerInfo(SessionContext auditContext,
AuthToken authToken,
org.mozilla.jss.pkix.cms.SignedData cmcFullReq) |
public static org.slf4j.Logger logger
public static final java.lang.String TOKEN_CERT_SERIAL
public static final java.lang.String REASON_CODE
protected static java.lang.String[] mConfigParams
public static final java.lang.String CRED_CMC
protected static java.lang.String[] mRequiredCreds
protected static java.util.Vector<java.lang.String> mExtendedPluginInfo
public AuthenticationConfig getAuthenticationConfig()
public void setAuthenticationConfig(AuthenticationConfig authenticationConfig)
public void init(java.lang.String name, java.lang.String implName, AuthManagerConfig config) throws EBaseException
init
in interface AuthManager
name
- The name for this authentication plug-in instance.implName
- The name of the authentication plug-in.config
- - The configuration store for this instance.EBaseException
- If an error occurs during initialization.public IAuthToken authenticate(IAuthCredentials authCred) throws EMissingCredential, EInvalidCredentials, EBaseException
authenticate
in interface AuthManager
authCred
- Authentication credentials, CRED_UID and CRED_CMC.EMissingCredential
- If a required authentication credential is missing.EInvalidCredentials
- If credentials failed authentication.EBaseException
- If an internal error occurred.AuthToken
public java.lang.String[] getConfigParams()
getConfigParams
in interface AuthManager
public AuthManagerConfig getConfigStore()
getConfigStore
in interface ProfileAuthenticator
getConfigStore
in interface AuthManager
public java.lang.String getImplName()
getImplName
in interface AuthManager
public java.lang.String getName()
getName
in interface AuthManager
public java.lang.String[] getRequiredCreds()
getRequiredCreds
in interface AuthManager
public void shutdown()
shutdown
in interface AuthManager
public java.lang.String[] getExtendedPluginInfo()
protected IAuthToken verifySignerInfo(SessionContext auditContext, AuthToken authToken, org.mozilla.jss.pkix.cms.SignedData cmcFullReq) throws EBaseException
EBaseException
public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
IExtendedPluginInfo
getExtendedPluginInfo
in interface IExtendedPluginInfo
public void init(Profile profile, IConfigStore config) throws EProfileException
ProfileAuthenticator
init
in interface ProfileAuthenticator
profile
- owner of this authenticatorconfig
- configuration storeEProfileException
- failed to initializepublic java.lang.String getName(java.util.Locale locale)
getName
in interface ProfileAuthenticator
locale
- end user localepublic java.lang.String getText(java.util.Locale locale)
getText
in interface ProfileAuthenticator
locale
- end user localepublic java.util.Enumeration<java.lang.String> getValueNames()
getValueNames
in interface ProfileAuthenticator
public boolean isValueWriteable(java.lang.String name)
ProfileAuthenticator
isValueWriteable
in interface ProfileAuthenticator
name
- property namepublic IDescriptor getValueDescriptor(java.util.Locale locale, java.lang.String name)
getValueDescriptor
in interface ProfileAuthenticator
locale
- user localename
- property namepublic void populate(IAuthToken token, IRequest request) throws EProfileException
ProfileAuthenticator
populate
in interface ProfileAuthenticator
token
- authentication tokenrequest
- requestEProfileException
- failed to populatepublic boolean isSSLClientRequired()
ProfileAuthenticator
isSSLClientRequired
in interface ProfileAuthenticator