Interface | Description |
---|---|
AccessRight |
An object that defines an access right to a resource.
|
Account |
An account, the persistent information associated with a Persona.
|
AccountInitializer |
An interface used by an AccountManager to obtain standard account
creation services.
|
AccountManager |
Interface to Account object management facilities.
|
AccountTypes |
Interface that defines the constants used for account typing.
|
Action |
An interface provided by an object that wishes to perform an action
under as an assumed User.
|
BinaryToTextEncoder |
An encoder that takes a binary array and turns it into a text string.
|
CertificateParser |
This interface defines parse functions to be used to get certificates from
a string or input stream.
|
CertificateUserAuthority |
Interface that provides certificate style authentication
for a user authority.
|
DefaultGroupPersona |
A tag interface that marks a persona as a "default group persona", a
group to which the user belongs that should be used for setting
default security attributes when an object is created.
|
GroupPersona |
A tag interface that marks a persona as a "group persona", indicating
that it identifies a user group rather than a specific user.
|
IdentityManager |
An interface for providing identity management features.
|
IdUserAuthority |
Interface that provides id style authentication, where only the user
ID has to be specified, for a user authority.
|
LoginPersona |
A tag interface that marks a persona as a "login persona", indicating
that it identifies a user login.
|
LoginUserAuthority |
Interface that provides name/password (login) style authentication
for a user authority.
|
PasswordHasher |
This interface defines a hash function to be used to encrypt passwords.
|
PasswordHasher2 |
A password hasher that supplies the login along with the password,
which is often useful for salting.
|
Persona |
An identity, either of a user or of a user's role.
|
PrincipalUserAuthority |
An extension to the UserAuthority interface that provides a mapping
between the security system Persona objects and any object
that implements java.security.Principal.
|
ProxyUserAuthority |
A user authority that acts as a proxy for another user authority.
|
RemoteAccount |
An object used to expose the
Account interface via RMI. |
RemoteAccountManager |
An interface to expose the AccountManager interface via RMI.
|
RemoteUserAuthority |
Minimal interface that must be implemented by user authorities whose
personae can be serialized.
|
SaltFetcher |
An object used to fetch a salt for a given login.
|
SecuredContainer |
An interface to be implemented by any object that wants to
supply inherited security information to a SecuredObject.
|
SecuredObject |
An object with associated security information.
|
SecuredResource |
An interface used to work with a resource that has associated access
control entries.
|
SecurityDomain |
A security domain manages the authorization policy for
some part of an application.
|
SecurityPolicy |
An object that provides the following policy decisions:
|
StandardAccessRights |
A set of typical access rights.
|
UserAuthenticator |
UserAuthenticator.java
|
UserAuthority |
This interface is used for authenticating a user.
|
UserAuthority2 |
An extension of the UserAuthority interface that supports
special personae tokens.
|
Class | Description |
---|---|
AccessAllowedEvent |
An AccessEvent indicating that access to a secured resource was allowed.
|
AccessControlEntry |
An immutable object that defines a set of access rights granted to a given
persona.
|
AccessControlList |
A set of access rights that determine the accessibility of something to
someone.
|
AccessDeniedEvent |
An AccessEvent indicating that access to a secured resource was denied.
|
AccessEvent |
An event generated by a security domain whenever a resource access
is attempted.
|
AccountComparator |
Base class used for constructing sort comparators for account objects.
|
ActiveDirectoryAccountManager |
An account manager and user authority that works against an MS Active Directory
|
AliasedPersona |
A persona that wraps another persona.
|
AuthenticationEvent |
Event generated whenever an authentication is attempted by a
user authority.
|
AuthenticationFailedEvent |
Event thrown when an a UserAuthority fails to authenticate a user.
|
AuthenticationSucceededEvent |
Event thrown when an a UserAuthority succeeds in authenticating a user.
|
Base16Encoder |
Encodes a binary array as text using base 16 (hexadecimal).
|
Base64Encoder |
Encodes a binary array as text using base 64.
|
ClientAccount |
An Account object that wraps a RemoteAccount object.
|
ClientAccountManager |
An AccountManager object that wraps an RMI-accessible AccountManager
object to expose the standard AccountManager interface on the client
side.
|
ClientUserAuthority |
A client-side object that wraps a remote user authority.
|
ConsoleAccessLogger | |
DigestPasswordHasher |
A password hasher that utilizes the
java.security.MessageDigest
mechanism for hashing passwords. |
EveryonePersona |
A special version of a persona that acts as if it has all other
personae in the same user authority as sub-personae.
|
GenericAccessManager |
Methods which determine if access should be allowed or denied.
|
GenericAccessRight |
A generic implementation of an access right object.
|
GenericAccount |
A generic implementation of the
Account interface. |
GenericAccountInitializer |
A service that copies accounts between two account managers.
|
GenericAccountManager |
A generic implementation of an account manager/user authority.
|
GenericDefaultGroupPersona |
Implements a generic persona that is marked as a default group persona.
|
GenericGroupPersona |
Implements a generic persona that is marked as a group persona.
|
GenericLoginPersona |
Implements a generic persona that is marked as a login persona.
|
GenericPersona |
Implements a generic persona, which is an identity used to grant access
control rights within a security domain.
|
GenericProxyUserAuthority |
An implementation of a generic ProxyUserAuthority object.
|
GenericSecuredObject |
A generic implementation of the SecuredObject interface.
|
GenericSecuredResource |
A generic implementation of the SecuredResource interface.
|
GenericSecuredResourceService |
A generic implementation of the SecuredResource interface as a service.
|
GenericSecurityDomain |
A typical implementation of most of the security domain interface,
useful for writing other security domains.
|
GenericUserAuthority |
This implements a user authority that does nothing -- it's just a handle.
|
IdentitySecurityPolicy |
An extension of the standard security policy that allows or denies
access by specific identities in addition to a normal ACL.
|
iPlanetDirectoryAccountManager |
An account manager and user authority that works against an iPlanet's Directory
|
iPlanetSSHAAccountPasswordHasher |
A subclass of iPlanetSSHAPasswordHasher which obtains user accounts
from an AccountManager via an iPlanetSSHAAccountSaltFetcher.
|
iPlanetSSHAAccountSaltFetcher |
An object used to fetch an SSHA salt for a given login.
|
iPlanetSSHAPasswordHasher |
A password hasher which implements the SSHA (salted SHA) algorithm
as implemented by the iPlanet Directory Server.
|
LDAPAccountInitializer |
A service which aids initial account management for LDAP-based account
repositories
|
LDAPAuthenticationProxy |
proxy to auth ldap users
|
LDAPRepositoryAccount |
An Account object that is persisted by a LDAP Repository.
|
LDAPRepositoryAccountManager |
An account manager and user authority that works against an LDAPRepository
|
MD5PasswordHasher |
Implementation of a PasswordHasher using MD5 encryption algorithm
with a randomized initial state.
|
NullEncoder |
Returns a string constructed out of a binary array, without
modification.
|
NullPasswordHasher |
A password hasher that doesn't do anything.
|
PasswordHasher2Adapter |
An adapter that implements the base PasswordHasher interface
for PasswordHasher2 implementations.
|
PersonaAdapter |
An adapter class useful for creating implementations of the Persona
interface.
|
Privilege |
An access right indicating an access privilege.
|
RegisteredUsersSecurityPolicy |
A security policy that allows full access to registered users and
denies access to anonymous users.
|
RemoteAccountImpl |
An object that wraps an
Account object and makes it
RMI-accessible. |
RemoteAccountManagerImpl |
An object that wraps an AccountManager object in order to expose it
via RMI.
|
RemoteUserAuthorityImpl |
Implementation of a remote user authority that wraps a normal
user authority so that persona lookups can be accomplished.
|
RepositoryAccount |
An Account object that is persisted by a repository.
|
RepositoryAccountManager |
An account manager and user authority that works against a Dynamo
repository.
|
RepositoryApplicationPersona |
This is the Persona implementation that is produced by the
RepositoryApplicationUserAuthority.
|
RepositoryApplicationUserAuthority |
This LoginUserAuthority implements the bare minimum required to
do logins and determine role memberships.
|
SaltedDigestPasswordHasher |
A password hasher that utilizes the
java.security.MessageDigest
mechanism for hashing passwords. |
SaltedMD5PasswordHasher |
An implementation of a password hasher using the MD5 digest algorithm
with the user login being used as a salt.
|
SavedPersona |
An object that saves the naming information needed to recreate a persona
instance.
|
SecurityConfiguration |
Configuration information that defines all of the elements
needed to create and manage access control lists for an object.
|
SecurityContext |
This object is used to specify the context in which an access
control request is being made.
|
SecurityDomainEvent |
Base class for all security domain-related events.
|
SecurityProviderService |
The SecurityProviderService is a GenericService that
provides a centralized location where java security providers
may be specified in an orderly manner without any confusion as to
which providers have higher priority.
|
SecurityUtils |
Utility methods useful for security system operations.
|
SerializedAccountManager |
An account manager whose persistence is accomplished via serialization to
a file.
|
SerializedProxyUserAuthority |
A serializable version of a proxy user authority.
|
SerializedUserAuthority |
This utility class manages the serialization and de-serialization of user
authority objects.
|
StandardAccessRightsMap |
A map of all the standard access rights.
|
StandardSecurityPolicy |
A security policy that walks an access control list composed of
access rights and/or deny rights to determine whether a particular
access request should be allowed or denied.
|
ThreadSecurityManager |
Class used to manage the User object that is associated with the
current thread.
|
User |
The User object holds a collection of Personae that have been
collected by one or more user authorities.
|
UserAuthorityEvent |
Base class used for any event generated by a user authority.
|
UserFailService |
UserFailService.java
|
XmlAccountManager |
An account manager/user authority that loads user account information from
an XML file.
|
Exception | Description |
---|---|
AccountExistsException |
Exception thrown when attempting to add a Group that already exists.
|
GroupExistsException |
Exception thrown when attempting to add a Group that already exists.
|
ImplementationSecurityException |
A security exception that wraps some kind of Throwable that occured
within an implementation of a security system element.
|
InvalidAccessControlEntryException |
Exception thrown when an improper access control entry is supplied to a
security domain.
|
InvalidAccessRightException |
Exception thrown when an attempt is made to use an access right that is
not supported by a security domain.
|
InvalidAttributeException |
Exception thrown when attempting to add a Group that already exists.
|
InvalidPermissionException |
Exception thrown when an improper permission is supplied to a security
domain.
|
InvalidPersonaException |
Exception thrown when a persona is used improperly (e.g. with the
wrong user authority).
|
InvalidResourceException |
Exception thrown when a resource name supplied to a security domain
is not valid for the domain.
|
NoSuchAccountException |
Exception thrown when attempting to add a Group that already exists.
|
NoSuchGroupException |
Exception thrown when a security operation fails because the indicated
group does not exist.
|
NoSuchUserException |
Exception thrown when a security operation fails because the indicated
user does not exist.
|
PermissionDeniedException |
Exception thrown when an attempt was made to access a resource without
appropriate permission.
|
RuntimeSecurityException |
A security exception that can be thrown from within a method without
a "throws SecurityException" in its signature.
|
SecurityException |
Base class for all atg.security package exceptions.
|
TooManyAccountsException |
Exception thrown when an attempt is made to list more accounts than the account manager
is willing to provide.
|
UnsupportedFeatureSecurityException |
A security exception that is to be thrown by an implementation of
the security APIs when an attempt to use an unsupported feature
is made.
|