WebLogic Server 7.0 API Reference: Interface IdentityAsserter

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

BEA Systems, Inc.

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

weblogic.security.spi
Interface IdentityAsserter

All Known Subinterfaces:: ChallengeIdentityAsserter

public interface IdentityAsserter

The IdentityAsserter interface exposes the methods that custom Identity Assertion providers need to implement in order to provide token-based client identity assertion. An Identity Assertion provider is a specific form of Authentication provider that is used to establish a client's identity outside of the request.

Author:: Copyright (c) 2003 by BEA. All Rights Reserved.

Field Summary
`static java.lang.String`	`AU_TYPE` The `AuthenticatedUser` token is an internal token and is only used when communicating with a pre-7.0 WebLogic Server instance or when utilizing RMI over IIOP.
`static java.lang.String`	`CSI_ANONYMOUS_TYPE` The `CSI.ITTAnonymous` token is an internal token and is only used when CSIV2 is being used for communication.
`static java.lang.String`	`CSI_DISTINGUISHED_NAME_TYPE` The `CSI.DistinguishedName` token is an internal token and is only used when CSIV2 is being used for communication.
`static java.lang.String`	`CSI_PRINCIPAL_TYPE` The `CSI.PrincipalName` token is an internal token and is only used when CSIV2 is being used for communication.
`static java.lang.String`	`CSI_X509_CERTCHAIN_TYPE` The `CSI.X509CertChain` token is an internal token and is only used when CSIV2 is being used for communication.
`static java.lang.String`	`X509_TYPE` The `X.509` token is used to handle X.509 certificates passed in through the HTTP header to the Servlet container.

Method Summary
`javax.security.auth.callback.CallbackHandler`	`assertIdentity(java.lang.String type, java.lang.Object token)` Asserts an identity based on token identity information.

Field Detail

X509_TYPE

public static final java.lang.String X509_TYPE

The X.509 token is used to handle X.509 certificates passed in through the HTTP header to the Servlet container.

AU_TYPE

public static final java.lang.String AU_TYPE

The AuthenticatedUser token is an internal token and is only used when communicating with a pre-7.0 WebLogic Server instance or when utilizing RMI over IIOP. Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.

CSI_PRINCIPAL_TYPE

public static final java.lang.String CSI_PRINCIPAL_TYPE

The CSI.PrincipalName token is an internal token and is only used when CSIV2 is being used for communication. (CSIv2 is the Common Secure Interoperability Protocol.) Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.

CSI_ANONYMOUS_TYPE

public static final java.lang.String CSI_ANONYMOUS_TYPE

The CSI.ITTAnonymous token is an internal token and is only used when CSIV2 is being used for communication. (CSIv2 is the Common Secure Interoperability Protocol.) Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.

CSI_X509_CERTCHAIN_TYPE

public static final java.lang.String CSI_X509_CERTCHAIN_TYPE

The CSI.X509CertChain token is an internal token and is only used when CSIV2 is being used for communication. (CSIv2 is the Common Secure Interoperability Protocol.) Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.

CSI_DISTINGUISHED_NAME_TYPE

public static final java.lang.String CSI_DISTINGUISHED_NAME_TYPE

The CSI.DistinguishedName token is an internal token and is only used when CSIV2 is being used for communication. (CSIv2 is the Common Secure Interoperability Protocol.) Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.

Method Detail

assertIdentity

public javax.security.auth.callback.CallbackHandler assertIdentity(java.lang.String type,
                                                                   java.lang.Object token)
                                                            throws IdentityAssertionException

Asserts an identity based on token identity information. An instance of the Identity Assertion provider's CallbackHandler will be passed to the LoginModules to perform principal mapping. A null CallbackHandler instance signifies that the anonymous user should be used.

Parameters:: type - the type of token to use for identity assertion.; token - the actual token to be used to assert identity.
Returns:: a CallbackHandler related to the identity, or null to signify the anonymous user.
Throws:: IdentityAssertionException - if the identity assertion fails.