public interface ServerAuth
MessageInfo
,
Subject
Modifier and Type | Method and Description |
---|---|
default void |
cleanSubject(MessageInfo messageInfo,
javax.security.auth.Subject subject)
Remove method specific principals and credentials from the subject.
|
default AuthStatus |
secureResponse(MessageInfo messageInfo,
javax.security.auth.Subject serviceSubject)
Secure a service response before sending it to the client.
|
AuthStatus |
validateRequest(MessageInfo messageInfo,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject)
Authenticate a received service request.
|
AuthStatus validateRequest(MessageInfo messageInfo, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject) throws AuthException
This method is called to transform the mechanism-specific request message acquired by calling getRequestMessage (on messageInfo) into the validated application message to be returned to the message processing runtime. If the received message is a (mechanism-specific) meta-message, the method implementation must attempt to transform the meta-message into a corresponding mechanism-specific response message, or to the validated application request message. The runtime will bind a validated application message into the the corresponding service invocation.
This method conveys the outcome of its message processing either by returning an AuthStatus value or by throwing an AuthException.
messageInfo
- A contextual object that encapsulates the client request and server response objects, and that may
be used to save state across a sequence of calls made to the methods of this interface for the purpose of completing
a secure message exchange.clientSubject
- A Subject that represents the source of the service request. It is used by the method
implementation to store Principals and credentials validated in the request.serviceSubject
- A Subject that represents the recipient of the service request, or null. It may be used by the
method implementation as the source of Principals or credentials to be used to validate the request. If the Subject
is not null, the method implementation may add additional Principals or credentials (pertaining to the recipient of
the service request) to the Subject.AuthException
- When the message processing failed without establishing a failure response message (in
messageInfo).default AuthStatus secureResponse(MessageInfo messageInfo, javax.security.auth.Subject serviceSubject) throws AuthException
This method conveys the outcome of its message processing either by returning an AuthStatus value or by throwing an AuthException.
messageInfo
- A contextual object that encapsulates the client request and server response objects, and that may
be used to save state across a sequence of calls made to the methods of this interface for the purpose of completing
a secure message exchange.serviceSubject
- A Subject that represents the source of the service response, or null. It may be used by the
method implementation to retrieve Principals and credentials necessary to secure the response. If the Subject is not
null, the method implementation may add additional Principals or credentials (pertaining to the source of the service
response) to the Subject.AuthException
- When the message processing failed without establishing a failure response message (in
messageInfo).default void cleanSubject(MessageInfo messageInfo, javax.security.auth.Subject subject) throws AuthException
messageInfo
- a contextual object that encapsulates the client request and server response objects, and that may
be used to save state across a sequence of calls made to the methods of this interface for the purpose of completing
a secure message exchange.subject
- the Subject instance from which the Principals and credentials are to be removed.AuthException
- If an error occurs during the Subject processing.