com.novell.java.security
Class Authenticator

java.lang.Object
  |
  +--com.novell.java.security.Authenticator

public final class Authenticator

extends java.lang.Object

Manages the authentication process for identities within a JVM. The Authenticator achieves application authentication by prompting for user credentials when an authentication request is issued. The Authenticator uses the underlying requestor to perform the actual authentication.

NOTE: The APIs required for the development of authentication protocols and storage of long-term authentication secrets are not part of the public release at this time, however, they may be made public in a future release.

See Also:

Identity, IdentityScope, BinderyIdentity, BinderyIdentityScope, NdsIdentity, NdsIdentityScope

Method Summary

static void	createTokens(Identity identity) Deprecated. This API should not be used, and may not work on some platforms. It has been replaced with createTokens(Identity admin, Identity user)
static void	createTokens(Identity admin, Identity user) Creates new authentication login secrets or tokens for an Identity object.
static Identity[]	getIdentities() Returns a list of currently authenticated Identity objects.
static Identity[]	getIdentities(IdentityScope scope) Returns a list of currently authenticated Identity objects within the specified scope.
static java.lang.String	getLastUserDomain() Returns the domain of the identity that was last successfully acted on by the Authenticator (e.g.
static java.lang.String	getLastUsername() Returns the name of the identity that was last successfully acted on by the Authenticator (e.g.
static void	login(Identity identity) Performs a login/logout of the Identity to its scope.
static void	logout(Identity identity) Logs out (destroys) the specified Identity object and the associated short-term credentials from its identity scope.
static void	modifyTokens(Identity identity) Modifies existing authentication login secrets or tokens for an Identity object.
static void	verifyTokens(Identity identity) Verifies existing authentication login secrets or tokens for an Identity object.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

login

public static void login(Identity identity)
                  throws LoginException

Performs a login/logout of the Identity to its scope.

Parameters:

identity - The Identity object to be logged in.

Throws:

LoginException - When an error occurs.

modifyTokens

public static void modifyTokens(Identity identity)
                         throws ModifyTokensException

Modifies existing authentication login secrets or tokens for an Identity object.

For password systems, this means changing a user password.

Parameters:

identity - The Identity whose login tokens are to be modified.

Throws:

ModifyTokensException - When an error occurs.

createTokens

public static void createTokens(Identity identity)
                         throws CreateTokensException

Deprecated. This API should not be used, and may not work on some platforms. It has been replaced with createTokens(Identity admin, Identity user)

Creates new authentication login secrets or tokens for an Identity object.

Typically, administrators use this method to initialize a user object with some secret. For password systems, this means creating a new user password.

Parameters:

identity - The Identity object whose login tokens are to be created.

Throws:

ModifyTokensException - When an error occurs.

createTokens

public static void createTokens(Identity admin,
                                Identity user)
                         throws CreateTokensException

Creates new authentication login secrets or tokens for an Identity object.

Typically, administrators use this method to initialize a user object with some secret. For password systems, this means creating a new user password.

Parameters:

admin - The Identity object (typically, one with admin rights) whose permissions are to be used for creating user tokens.

user - The Identity object whose login tokens are to be created.

Throws:

CreateTokensException - When an error occurs.

verifyTokens

public static void verifyTokens(Identity identity)
                         throws VerifyTokensException

Verifies existing authentication login secrets or tokens for an Identity object.

For password systems, this means verifying a user password.

Parameters:

identity - The Identity whose login tokens are to be verified.

Throws:

VerifyTokensException - When an error occurs.

logout

public static void logout(Identity identity)
                   throws LogoutException

Logs out (destroys) the specified Identity object and the associated short-term credentials from its identity scope.

Parameters:

identity - The Identity object to be logged out.

Throws:

LogoutException - When an error occurs.

getIdentities

public static Identity[] getIdentities()
                                throws GetIdentitiesException

Returns a list of currently authenticated Identity objects.

Returns:

The array of currently authenticated Identity objects.

Throws:

GetIdentitiesException - When an error occurs.

getIdentities

public static Identity[] getIdentities(IdentityScope scope)
                                throws GetIdentitiesException

Returns a list of currently authenticated Identity objects within the specified scope.

Parameters:

scope - The IdentityScope to be searched for authenticated Identity objects.

Returns:

The array of Identity objects currently authenticated.

Throws:

GetIdentitiesException - When an error occurs.

getLastUsername

public static java.lang.String getLastUsername()

Returns the name of the identity that was last successfully acted on by the Authenticator (e.g. login, logout, password change, etc.) by the current thread. This is useful for cases where the user changes the information in an Authenticator dialog.

getLastUserDomain

public static java.lang.String getLastUserDomain()

Returns the domain of the identity that was last successfully acted on by the Authenticator (e.g. login, logout, password change, etc.) by the current thread. This is useful for cases where the user changes the information in an Authenticator dialog.