public interface ClientAuth
MessageInfo
,
Subject
Modifier and Type | Method and Description |
---|---|
void |
cleanSubject(MessageInfo messageInfo,
Subject subject)
Remove implementation specific principals and credentials from the
subject.
|
AuthStatus |
secureRequest(MessageInfo messageInfo,
Subject clientSubject)
Secure a service request message before sending it to the service.
|
AuthStatus |
validateResponse(MessageInfo messageInfo,
Subject clientSubject,
Subject serviceSubject)
Validate a received service response.
|
AuthStatus secureRequest(MessageInfo messageInfo, Subject clientSubject) throws AuthException
This method is called to transform the request message acquired by calling getRequestMessage (on messageInfo) into the mechanism-specific form to be sent by the runtime.
This method conveys the outcome of its message processing either by returning an AuthStatus value or by throwing an AuthException.
messageInfo
- A contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.clientSubject
- A Subject that represents the source of the
service
request, or null. It may be used by the method implementation
as the source of Principals or credentials to be used to
secure the request. If the Subject is not null, the method
implementation may add additional Principals or credentials
(pertaining to the source of the service request) to the
Subject.validateResponse
must be able
to obtain the original application request message.
AuthException
- When the message processing failed without
establishing a failure response message (in messageInfo).AuthStatus validateResponse(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException
This method is called to transform the mechanism-specific response message acquired by calling getResponseMessage (on messageInfo) into the validated application message to be returned to the message processing runtime. If the response message is a (mechanism-specific) meta-message, the method implementation must attempt to transform the meta-message into the next mechanism-specific request message to be sent by the runtime.
This method conveys the outcome of its message processing either by returning an AuthStatus value or by throwing an AuthException.
messageInfo
- A contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.clientSubject
- A Subject that represents the recipient of the
service response, or null. It may be used by the method
implementation as the source of Principals or credentials to
be used to validate the response. If the Subject is not null,
the method implementation may add additional Principals or
credentials (pertaining to the recipient of the service
request) to the Subject.serviceSubject
- A Subject that represents the source of the
service response, or null. If the Subject is not null,
the method implementation may add additional Principals or
credentials (pertaining to the source of the service
response) to the Subject.AuthException
- When the message processing failed without
establishing a failure response message (in messageInfo).void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
messageInfo
- A contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.subject
- The Subject instance from which the Principals and
credentials are to be removed.AuthException
- If an error occurs during the Subject
processing.Copyright © 1996-2017, Oracle and/or its affiliates. All Rights Reserved. Use is subject to license terms.