BEA Systems, Inc.

BEA WebLogic Server 9.0 API Reference


weblogic.security.service
Interface ChallengeContext


public interface ChallengeContext

The ChallengeContext interface allows the Principal Authenticator to return an object that contains state and is used for subsequent steps in a multi-step challenge/response process. This allows the framework to support authentication protocols such as Microsoft's Windows NT Challenge/Response (NTLM), Simple and Protected GSS-API Negotiation Mechanism (SPNEGO), and other challenge/response authentication mechanisms.

Copyright © 2005 BEA Systems, Inc. All Rights Reserved.

Method Summary
 weblogic.security.acl.internal.AuthenticatedSubject getAuthenticatedSubject()
          Returns the authenticated subject for the challenge identity assertion.
 Object getChallengeToken()
          Returns the challenge token for the challenge identity assertion.
 boolean hasChallengeIdentityCompleted()
          Returns whether the challenge identity assertion has completed.
 

Method Detail

getAuthenticatedSubject

public weblogic.security.acl.internal.AuthenticatedSubject getAuthenticatedSubject()

Returns the authenticated subject for the challenge identity assertion. This method should only be called when the hasChallengeIdentityCompleted() method returns true. If called incorrectly, then an IllegalStateException runtime exception will be thrown.

Returns:
the AuthenticatedSubject related to the identity.

getChallengeToken

public Object getChallengeToken()

Returns the challenge token for the challenge identity assertion. This method should only be called when the hasChallengeIdentityCompleted() method returns false. If called incorrectly, then an IllegalStateException runtime exception will be thrown.

Returns:
the challenge token for the challenge Identity Assertion provider

hasChallengeIdentityCompleted

public boolean hasChallengeIdentityCompleted()

Returns whether the challenge identity assertion has completed.

Returns:
true if the challenge identity assertion has completed, false if not. If true, then the caller should use the getAuthenticatedSubject() method. If false, then the caller should use the getChallengeToken() method.

Documentation is available at
http://download.oracle.com/docs/cd/E13222_01/wls/docs90
Copyright 2005 BEA Systems Inc.