Oracle Role Manager Java API Reference
10g (10.1.4)
E12031-02


oracle.iam.rm.authentication
Interface AuthenticationManager


public interface AuthenticationManager

Interface to authenticate a system identity or person.


Method Summary
 RoleManagerPrincipal authenticatePerson(java.lang.String username, java.lang.String password)
          Authenticates person in non-SSO mode, for example, in demo installations without a third-party access manager to do the authentication.
 RoleManagerPrincipal authenticateSystemIdentity(java.lang.String username, byte[] data, byte[] signature)
          Authenticates a system identity.
 RoleManagerPrincipal authenticateSystemIdentity(java.lang.String username, java.lang.String password)
          Authenticates a system identity.
 java.lang.String encryptAndMarkValue(java.lang.String identifier, java.lang.String password)
          Encrypts the identifier and password to produce a hashed value to store and reference during authentication.
 java.lang.String encryptValue(java.lang.String identifier, java.lang.String password)
          Encrypts the identifier and password to produce a hashed value to store and reference during authentication.
 RoleManagerPrincipal getPersonPrincipal(java.lang.String ssoToken)
          Returns user principal based on mapping between SSO logon token and some user attribute in the database.
 RoleManagerPrincipal getSystemUserPrincipal()
          Returns user principal for well-known system identity.
 SnapshotObject getUser(RoleManagerPrincipal principal)
          Returns user object that the principal represents.
 boolean isPasswordField(java.lang.String entity, java.lang.String attribute)
          Returns whether the field in question is a password field.
 void resetFailureCount(java.lang.String userType, java.lang.String userName)
          Resets the user's authentication failure count to zero.
 void transformPasswordAttribute(java.lang.String entity, java.util.Map<java.lang.String,? extends java.lang.Object> currentAttributes, java.util.Map<java.lang.String,java.lang.Object> attributes)
          Modifies the attribute values as necessary to secure a password value if one is being set.
 boolean validatePrincipal(RoleManagerPrincipal principal)
          Returns whether the principal provided is still valid.

 

Method Detail

authenticateSystemIdentity

RoleManagerPrincipal authenticateSystemIdentity(java.lang.String username,
                                                java.lang.String password)
                                                throws javax.security.auth.login.LoginException
Authenticates a system identity.
Parameters:
username - user's logon ID (userId)
password - user's password
Returns:
RoleManagerPrincipal
Throws:
javax.security.auth.login.LoginException - if authentication fails
See Also:
RoleManagerPrincipal

authenticateSystemIdentity

RoleManagerPrincipal authenticateSystemIdentity(java.lang.String username,
                                                byte[] data,
                                                byte[] signature)
                                                throws javax.security.auth.login.LoginException
Authenticates a system identity.
Parameters:
username - user's logon ID (userId)
data - the data that was signed with this system identity's private key to create the signature
signature - the digital signature created by signing the data with the user's private key
Returns:
RoleManagerPrincipal
Throws:
javax.security.auth.login.LoginException - if authentication fails
See Also:
RoleManagerPrincipal
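
An added example (not from the Oracle documentation) of the client side of the signature-based overload: fresh data is signed with the system identity's private key, and the data and signature are passed together to authenticateSystemIdentity. The SignatureAuthenticator stand-in, the SHA256withRSA algorithm, the user name and the in-memory verifier are assumptions made so the example runs without the Role Manager libraries; the page does not state which signature algorithm the server expects.

```java
import java.security.*;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;

public class SystemIdentitySignatureLogin {
    // Hypothetical stand-in with the documented method shape; with the real API,
    // call AuthenticationManager and receive a RoleManagerPrincipal instead of Object.
    interface SignatureAuthenticator {
        Object authenticateSystemIdentity(String username, byte[] data, byte[] signature)
                throws LoginException;
    }

    static final String ALGORITHM = "SHA256withRSA"; // assumption, not stated on the page

    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature signer = Signature.getInstance(ALGORITHM);
        signer.initSign(key);
        signer.update(data);
        return signer.sign();
    }

    // Signs fresh random data so each call carries a different data/signature pair.
    static Object login(SignatureAuthenticator auth, String username, PrivateKey key)
            throws GeneralSecurityException {
        byte[] data = new byte[32];
        new SecureRandom().nextBytes(data);
        return auth.authenticateSystemIdentity(username, data, sign(key, data));
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair identityKeys = gen.generateKeyPair(); // constructed sample key pair
        KeyPair otherKeys = gen.generateKeyPair();    // key that is not registered
        PublicKey registered = identityKeys.getPublic();
        // Constructed in-memory verifier standing in for the server side.
        SignatureAuthenticator auth = (user, data, sig) -> {
            boolean ok;
            try {
                Signature verifier = Signature.getInstance(ALGORITHM);
                verifier.initVerify(registered);
                verifier.update(data);
                ok = verifier.verify(sig);
            } catch (GeneralSecurityException e) { ok = false; }
            if (!ok) throw new FailedLoginException("signature rejected for " + user);
            return user;
        };
        System.out.println("accepted: " + login(auth, "sample-system-identity", identityKeys.getPrivate()));
        try {
            login(auth, "sample-system-identity", otherKeys.getPrivate());
        } catch (LoginException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```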

authenticatePerson

RoleManagerPrincipal authenticatePerson(java.lang.String username,
                                        java.lang.String password)
                                        throws javax.security.auth.login.LoginException
Authenticates person in non-SSO mode, for example, in demo installations without a third-party access manager to do the authentication.
Parameters:
username - user's logon ID (userId)
password - user's password
Returns:
RoleManagerPrincipal
Throws:
javax.security.auth.login.LoginException - if authentication fails
See Also:
RoleManagerPrincipal

resetFailureCount

void resetFailureCount(java.lang.String userType,
                       java.lang.String userName)
                       throws javax.security.auth.login.LoginException
Resets the user's authentication failure count to zero.
Parameters:
userType - 'person' or 'systemIdentity'
userName - the user's logon ID (userId)
Throws:
java.lang.IllegalArgumentException - if userType is not 'person' or 'systemIdentity', or any argument is null, or the user cannot be found.
javax.security.auth.login.LoginException - if the agent cannot be authenticated

getPersonPrincipal

RoleManagerPrincipal getPersonPrincipal(java.lang.String ssoToken)
                                        throws javax.security.auth.login.LoginException
Returns user principal based on mapping between SSO logon token and some user attribute in the database.
Parameters:
ssoToken - user identifier (such as email address) garnered from third-party access manager.
Returns:
RoleManagerPrincipal
Throws:
javax.security.auth.login.LoginException - if the user is not in the system or if more than one user can be identified by the token.
See Also:
RoleManagerPrincipal

getSystemUserPrincipal

RoleManagerPrincipal getSystemUserPrincipal()
Returns user principal for well-known system identity.
Returns:
RoleManagerPrincipal

getUser

SnapshotObject getUser(RoleManagerPrincipal principal)
                       throws javax.security.auth.login.LoginException
Returns user object that the principal represents.
Parameters:
principal - RoleManagerPrincipal
Returns:
SystemIdentity or Person object
Throws:
javax.security.auth.login.LoginException - if the user is not in the system or if more than one user can be identified by the token.
See Also:
RoleManagerPrincipal

encryptValue

java.lang.String encryptValue(java.lang.String identifier,
                              java.lang.String password)
                              throws javax.security.auth.login.LoginException
Encrypts the identifier and password to produce a hashed value to store and reference during authentication.
Parameters:
identifier - the user's identifier (such as e-mail or login ID)
password - the clear-text password to authenticate with
Returns:
the encrypted value to use for authentication
Throws:
javax.security.auth.login.LoginException - if no encryption class is registered

encryptAndMarkValue

java.lang.String encryptAndMarkValue(java.lang.String identifier,
                                     java.lang.String password)
                                     throws javax.security.auth.login.LoginException
Encrypts the identifier and password to produce a hashed value to store and reference during authentication.
Parameters:
identifier - the user's identifier (such as e-mail or login ID)
password - the clear-text password to authenticate with
Returns:
the encrypted value to use for authentication
Throws:
javax.security.auth.login.LoginException - if no encryption class is registered

isPasswordField

boolean isPasswordField(java.lang.String entity,
                        java.lang.String attribute)
Returns whether the field in question is a password field.
Parameters:
entity - object type (as defined in temporal configuration) to which the attribute belongs
attribute - attribute that is being tested for being a password field
Returns:
Boolean true if the attribute is a password field, otherwise false.

transformPasswordAttribute

void transformPasswordAttribute(java.lang.String entity,
                                java.util.Map<java.lang.String,? extends java.lang.Object> currentAttributes,
                                java.util.Map<java.lang.String,java.lang.Object> attributes)
                                throws javax.security.auth.login.LoginException
Modifies the attribute values as necessary to secure a password value if one is being set.
Parameters:
entity - the entity type that the transformation is for
currentAttributes - the current attributes of the object or an empty collection if the object is new
attributes - the attributes that will be applied to the object
Throws:
javax.security.auth.login.LoginException - if the password creation process fails

validatePrincipal

boolean validatePrincipal(RoleManagerPrincipal principal)
Returns whether the principal provided is still valid.
Parameters:
principal - RoleManagerPrincipal to validate.
Returns:
Boolean true if the principal is still valid, otherwise false.


Copyright © 2007, 2008 Oracle. All Rights Reserved.