BEA Systems, Inc.

WebLogic Server 8.1 API Reference

weblogic.security.spi
Interface IdentityAsserter

All Known Subinterfaces:
ChallengeIdentityAsserter

public interface IdentityAsserter

The IdentityAsserter interface exposes the methods that custom Identity Assertion providers need to implement in order to provide token-based client identity assertion. An Identity Assertion provider is a specific form of Authentication provider that is used to establish a client's identity outside of the request.

Author:
Copyright © 2004 BEA Systems, Inc. All Rights Reserved.

Field Summary
static java.lang.String AU_TYPE
          The AuthenticatedUser token is an internal token and is only used when communicating with a pre-7.0 WebLogic Server instance or when utilizing RMI over IIOP.
static java.lang.String CSI_ANONYMOUS_TYPE
          The CSI.ITTAnonymous token is an internal token and is only used when CSIv2 is being used for communication.
static java.lang.String CSI_DISTINGUISHED_NAME_TYPE
          The CSI.DistinguishedName token is an internal token and is only used when CSIv2 is being used for communication.
static java.lang.String CSI_PRINCIPAL_TYPE
          The CSI.PrincipalName token is an internal token and is only used when CSIv2 is being used for communication.
static java.lang.String CSI_X509_CERTCHAIN_TYPE
          The CSI.X509CertChain token is an internal token and is only used when CSIv2 is being used for communication.
static java.lang.String X509_TYPE
          The X.509 token is used to handle X.509 certificates passed in through the HTTP header to the Servlet container.
 
Method Summary
 javax.security.auth.callback.CallbackHandler assertIdentity(java.lang.String type, java.lang.Object token)
          Asserts an identity based on token identity information.
 

Field Detail

X509_TYPE

public static final java.lang.String X509_TYPE
The X.509 token is used to handle X.509 certificates passed in through the HTTP header to the Servlet container.


AU_TYPE

public static final java.lang.String AU_TYPE
The AuthenticatedUser token is an internal token and is only used when communicating with a pre-7.0 WebLogic Server instance or when utilizing RMI over IIOP. Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.


CSI_PRINCIPAL_TYPE

public static final java.lang.String CSI_PRINCIPAL_TYPE
The CSI.PrincipalName token is an internal token and is only used when CSIv2 is being used for communication. (CSIv2 is the Common Secure Interoperability Protocol.) Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.


CSI_ANONYMOUS_TYPE

public static final java.lang.String CSI_ANONYMOUS_TYPE
The CSI.ITTAnonymous token is an internal token and is only used when CSIv2 is being used for communication. (CSIv2 is the Common Secure Interoperability Protocol.) Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.


CSI_X509_CERTCHAIN_TYPE

public static final java.lang.String CSI_X509_CERTCHAIN_TYPE
The CSI.X509CertChain token is an internal token and is only used when CSIv2 is being used for communication. (CSIv2 is the Common Secure Interoperability Protocol.) Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.


CSI_DISTINGUISHED_NAME_TYPE

public static final java.lang.String CSI_DISTINGUISHED_NAME_TYPE
The CSI.DistinguishedName token is an internal token and is only used when CSIv2 is being used for communication. (CSIv2 is the Common Secure Interoperability Protocol.) Only the WebLogic Identity Assertion provider should handle this token type. Base64 encoding is not relevant for this token type as it is never passed in via the Servlet container.

Method Detail

assertIdentity

public javax.security.auth.callback.CallbackHandler assertIdentity(java.lang.String type,
                                                                   java.lang.Object token)
                                                            throws IdentityAssertionException
Asserts an identity based on token identity information. An instance of the Identity Assertion provider's CallbackHandler will be passed to the LoginModules to perform principal mapping. A null CallbackHandler instance signifies that the anonymous user should be used.

This method is called every time identity assertion occurs, but the LoginModules may not be called if the Subject is cached. The -Dweblogic.security.identityAssertionTTL flag can be used to affect this behavior (for example, to modify the default TTL of 5 minutes or to disable the cache by setting the flag to 0).

It is the responsibility of the Identity Assertion provider to ensure not just that the token is valid, but also that the user is still valid (for example, the user has not been deleted).

Parameters:
type - the type of token to use for identity assertion
token - the actual token to be used to assert identity
Returns:
a CallbackHandler related to the identity, or null to signify the anonymous user
Throws:
IdentityAssertionException - if the identity assertion fails.
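
One way to implement assertIdentity for a custom token type under the contract described above (an added example, not code from BEA or from the WebLogic samples). The token type name "ExampleToken", the byte[] token representation, and the TokenVerifier and UserDirectory interfaces are assumptions made for illustration; the class compiles against the WebLogic security SPI classes and uses JDK 1.4-era syntax.

```java
import javax.security.auth.callback.*;
import weblogic.security.spi.IdentityAsserter;
import weblogic.security.spi.IdentityAssertionException;

// Added example. "ExampleToken", TokenVerifier and UserDirectory are hypothetical.
public class ExampleIdentityAsserter implements IdentityAsserter {
    static final String EXAMPLE_TYPE = "ExampleToken";

    // Hypothetical: returns the user name if the token is authentic, else null.
    public interface TokenVerifier { String verifiedUserName(byte[] token); }
    // Hypothetical: queries the live user store.
    public interface UserDirectory { boolean userExists(String userName); }

    private final TokenVerifier verifier;
    private final UserDirectory directory;

    public ExampleIdentityAsserter(TokenVerifier verifier, UserDirectory directory) {
        this.verifier = verifier;
        this.directory = directory;
    }

    public CallbackHandler assertIdentity(String type, Object token)
            throws IdentityAssertionException {
        // Internal types (AU_TYPE, CSI_*) belong to the WebLogic provider: refuse them.
        if (!EXAMPLE_TYPE.equals(type))
            throw new IdentityAssertionException("unsupported token type: " + type);
        if (!(token instanceof byte[])) // assumption: the token arrives as raw bytes
            throw new IdentityAssertionException("unexpected token class");
        // Fail closed: returning null would mean "anonymous user", not "rejected".
        final String user = verifier.verifiedUserName((byte[]) token);
        if (user == null)
            throw new IdentityAssertionException("token failed validation");
        // A valid token is not enough; the user must still exist.
        if (!directory.userExists(user))
            throw new IdentityAssertionException("user no longer exists: " + user);
        // The LoginModules read the asserted name through this handler.
        return new CallbackHandler() {
            public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
                for (int i = 0; i < callbacks.length; i++) {
                    if (!(callbacks[i] instanceof NameCallback))
                        throw new UnsupportedCallbackException(callbacks[i]);
                    ((NameCallback) callbacks[i]).setName(user);
                }
            }
        };
    }
}
```

Because assertIdentity is called on every assertion while the LoginModules may be skipped for a cached Subject, the token and user checks are placed in this method rather than deferred to the LoginModules.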


Documentation is available at
http://e-docs.bea.com/wls/docs81