: Interface PrincipalAuthenticator

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.omg.SecurityLevel2
Interface PrincipalAuthenticator

All Known Subinterfaces:: PrincipalAuthenticator

public interface PrincipalAuthenticator
extends org.omg.CORBA.Object, org.omg.CORBA.portable.IDLEntity

Method Summary
`AuthenticationStatus`	`authenticate(int method, java.lang.String security_name, byte[] auth_data, SecAttribute[] privileges, CredentialsHolder creds, OpaqueHolder continuation_data, OpaqueHolder auth_specific_data)` Authenticates the client.
`AuthenticationStatus`	`continue_authentication(byte[] response_data, CredentialsHolder creds, OpaqueHolder continuation_data, OpaqueHolder auth_specific_data)` Always fails.

Methods inherited from interface org.omg.CORBA.Object

_create_request, 
_create_request, 
_duplicate, 
_get_domain_managers, 
_get_interface_def, 
_get_policy, 
_hash, 
_is_a, 
_is_equivalent, 
_non_existent, 
_release, 
_request, 
_set_policy_override

Method Detail

authenticate

public AuthenticationStatus authenticate(int method,
                                         java.lang.String security_name,
                                         byte[] auth_data,
                                         SecAttribute[] privileges,
                                         CredentialsHolder creds,
                                         OpaqueHolder continuation_data,
                                         OpaqueHolder auth_specific_data)

Authenticates the client.

This method authenticates the client via the IIOP Server Listener/Handler so that it can access an M3 domain.

This method accepts the following input parameters:

method is the integer specified by the com.beasys.Tobj.TuxedoSecurity interface.
security_name is the M3 Java user name.
auth_data is returned by the org.omg.SecurityLevel2.PrincipalAuthenticator.build_auth_data method. If auth_data is invalid, the authenticate method raises the org.omg.CORBA.BAD_PARAM exception.
privileges is of type SecAttribute []. SecAttribute [] is a SecAttribute array. This array can contain an AccessId, which must be the same as the security_name argument (parameter 2), and it can contain a PrimaryGroupId, which is taken to be a TUXEDO client name. In many cases, the privileges are built by an invocation to the build_auth_data method.
creds is the credentials data returned by the org.omg.SecurityLevel2.Current.get_credentials method.
continuation_data and auth_specific_data are always empty.

Note: The client can use TUXEDO style authentication and invoke the Tobj.PrincipalAuthenticator.logon method instead of the authenticate method.

continue_authentication

public AuthenticationStatus continue_authentication(byte[] response_data,
                                                    CredentialsHolder creds,
                                                    OpaqueHolder continuation_data,
                                                    OpaqueHolder auth_specific_data)

Always fails.

Because the M3 software does authentication in one step, this method always fails and returns org.omg.Security.AuthenticationStatus.SecAuthFailure.