com.bea.wli.sb.transports

Interface CredentialCallback

public interface CredentialCallback

Transport providers get an instance of this callback interface from OSB. The transport provider can call its methods to fetch a credential used for outbound authentication.

Method Summary

Modifier and Type	Method and Description
KeyPairCredential	getKeyPair() Returns a key-pair credential used for outbound SSL client authentication.
Ref	getServiceKeyProvider() Returns a reference to the service key provider used by this CredentialCallback or null if the CredentialCallback does not have a service key provider
Subject	getSubject() Gets the client request subject.
Subject	getSubject(Ref serviceAccount) Gets the JAAS subject according to the service account policy.
UsernamePassword	getUsernamePassword(Ref serviceAccount) Gets the username/password according to the service account policy.
<T> T	runAsSubject(PrivilegedAction<T> action) Runs the specified action using the client request subject.
<T> T	runAsSubject(PrivilegedExceptionAction<T> action) Runs the specified action using the client request subject.
<T> T	runAsSubject(Ref serviceAccount, PrivilegedExceptionAction<T> action) Runs the specified action using the subject according to the service account policy.

Method Detail

getUsernamePassword

UsernamePassword getUsernamePassword(Ref serviceAccount)
                              throws CredentialNotFoundException

Gets the username/password according to the service account policy. The transport provider can use this username/password for outbound basic authentication.

Parameters:

serviceAccount - a reference to the endpoint's service account

Returns:

the username/password

Throws:

CredentialNotFoundException - if there is any error while resolving the username/password

IllegalArgumentException - if serviceAccount is null

getSubject

Subject getSubject(Ref serviceAccount)
            throws CredentialNotFoundException

Gets the JAAS subject according to the service account policy. Note that this subject may be anonymous. The transport provider can call oracle.security.jps.runtime.SubjectSecurity#executeAs(javax.security.auth.Subject,java.security.PrivilegedAction) to push the subject on the thread.

Parameters:

serviceAccount - a reference to the endpoint's service account

Returns:

the subject

Throws:

CredentialNotFoundException - if there is any error while resolving the subject

IllegalArgumentException - if serviceAccount is null

getSubject

Subject getSubject()
            throws CredentialNotFoundException

Gets the client request subject. OSB supports several mechanisms to authenticate clients. In particular, the client request may be authenticated at the transport level or message level. Transport providers must not make any assumptions about the method used to authenticate this subject. Note that this subject may be anonymous.

The transport provider can use this subject for JAAS-based outbound authentication. The transport provider can call to push the subject on the thread.

Note: transport providers should not rely on the subject on the thread at the time the provider is invoked.

Returns:

the client subject

Throws:

CredentialNotFoundException - if there is any error while resolving the subject

runAsSubject

<T> T runAsSubject(PrivilegedAction<T> action)
            throws CredentialNotFoundException

Runs the specified action using the client request subject. OSB supports several mechanisms to authenticate clients. In particular, the client request may be authenticated at the transport level or message level. Transport providers must not make any assumptions about the method used to authenticate this subject. Note that this subject may be anonymous.

Parameters:

action - the action to run using the client request subject

Returns:

the value returned from the specified action

Throws:

PrivilegedActionException - exception thrown from specified action

CredentialNotFoundException - if there is any error while resolving the subject

Since:

12.1.3

runAsSubject

<T> T runAsSubject(PrivilegedExceptionAction<T> action)
            throws PrivilegedActionException,
                   CredentialNotFoundException

Runs the specified action using the client request subject. OSB supports several mechanisms to authenticate clients. In particular, the client request may be authenticated at the transport level or message level. Transport providers must not make any assumptions about the method used to authenticate this subject. Note that this subject may be anonymous.

Parameters:

action - the action to run using the client request subject

Returns:

the value returned from the specified action

Throws:

PrivilegedActionException - exception thrown from specified action

CredentialNotFoundException - if there is any error while resolving the subject

Since:

12.1.3

runAsSubject

<T> T runAsSubject(Ref serviceAccount,
                   PrivilegedExceptionAction<T> action)
            throws PrivilegedActionException,
                   CredentialNotFoundException

Runs the specified action using the subject according to the service account policy.

Parameters:

serviceAccount - a reference to the endpoint's service account

action - the action to run using the client request subject

Returns:

the value returned from the specified action

Throws:

PrivilegedActionException - exception thrown from specified action

CredentialNotFoundException - if there is any error while resolving the subject

Since:

12.1.3

getKeyPair

KeyPairCredential getKeyPair()
                      throws CredentialNotFoundException

Returns a key-pair credential used for outbound SSL client authentication.

Returns:

the SSL key-pair

Throws:

CredentialNotFoundException - if there is any error while resolving the key-pair

getServiceKeyProvider

Ref getServiceKeyProvider()

Returns a reference to the service key provider used by this CredentialCallback or null if the CredentialCallback does not have a service key provider

Returns:

the service key provider

Since:

3.0