|
BEA Systems, Inc. | ||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
The IdentityAsserter
interface exposes the methods that custom
Identity Assertion providers need to implement in order to provide token-based client
identity assertion. An Identity Assertion provider is a specific form of Authentication provider
that is used to establish a client's identity outside of the request.
Field Summary | |
static java.lang.String |
AU_TYPE
Used when the Identity Assertion provider supports client identity assertion by using the Weblogic AuthenticatedUser token. |
static java.lang.String |
CSI_ANONYMOUS_TYPE
Used when a CSIv2 anonymous identity token is passed during an invoke. |
static java.lang.String |
CSI_DISTINGUISHED_NAME_TYPE
Used when a CSIv2 distinguished name identity token is passed during an invoke. |
static java.lang.String |
CSI_PRINCIPAL_TYPE
Used when a CSIv2 principal name identity token is passed during an invoke. |
static java.lang.String |
CSI_X509_CERTCHAIN_TYPE
Used when a CSIv2 X509 certificate chain identity token is passed during an invoke. |
static java.lang.String |
SAML_ASSERTION_TYPE
Used when a SMAL Assertion token is passed during an invoke. |
static java.lang.String |
X509_TYPE
Used when the Identity Assertion provider supports client identity assertion by using X509 client certificates as identity tokens. |
Method Summary | |
javax.security.auth.callback.CallbackHandler |
assertIdentity(java.lang.String type,
java.lang.Object token)
Asserts an identity based on token identity information. |
Field Detail |
public static final java.lang.String X509_TYPE
public static final java.lang.String AU_TYPE
AuthenticatedUser
token.public static final java.lang.String CSI_PRINCIPAL_TYPE
public static final java.lang.String CSI_ANONYMOUS_TYPE
public static final java.lang.String CSI_X509_CERTCHAIN_TYPE
public static final java.lang.String CSI_DISTINGUISHED_NAME_TYPE
public static final java.lang.String SAML_ASSERTION_TYPE
Method Detail |
public javax.security.auth.callback.CallbackHandler assertIdentity(java.lang.String type, java.lang.Object token) throws IdentityAssertionException
CallbackHandler
will be passed
to the LoginModules to perform principal mapping. A null CallbackHandler
instance signifies that the anonymous user should be used.
This method is called every time identity assertion occurs, but the LoginModules
may not be called if the Subject is cached. The -Dweblogic.security.identityAssertionTTL
flag can be used to affect this behavior (for example, to modify the default TTL of 5 minutes or
to disable the cache by setting the flag to 0).
It is the responsibility of the Identity Assertion provider to ensure not just that the token is valid, but also that the user is still valid (for example, the user has not been deleted).
type
- the type of token to use for identity assertion.token
- the actual token to be used to assert identity.CallbackHandler
related to the identity, or null
to signify the anonymous user.
|
Documentation is available at http://download.oracle.com/docs/cd/E13169_01/ales/docs25 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |