de.aristaflow.adept2.base.security

Interface GlobalSecurityManager

All Superinterfaces:

Authentication, SecurityManager

public interface GlobalSecurityManager
extends SecurityManager

The global security manager extends the normal security manager by methods accepting additional communication contexts that allow for communication-related information that can be used for authentication.

Author:

Ulrich Kreher

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CONF_GSM_KEY_MODULUS The configuration key for the modulus of the public/private key pair of the global security manager.
static java.lang.String	CONF_GSM_KEY_PRIVATE_EXPONENT The configuration key for the exponent of the private key of the global security manager.
static java.lang.String	CONF_GSM_KEY_PUBLIC_EXPONENT The configuration key for the exponent of the public key of the global security manager.
static java.lang.String	CONF_LSM_KEY_MODULUS The configuration key for the modulus of the public/private key pair of the local security manager.
static java.lang.String	CONF_LSM_KEY_PUBLIC_EXPONENT The configuration key for the exponent of the public key of the local security manager.
static int	KEY_DEFAULT_SIZE The default size of the RSA key.

Method Summary

Modifier and Type	Method and Description
ClientSessionFactory	authenticate(java.lang.String agentName, long orgPositionID, java.lang.String method, byte[] authenticationData, AFCallbackHandler callbackHandler, java.lang.String userSessionID, de.aristaflow.adept2.model.communication.InjectedCommContext context) Authentication.authenticate(String, long, String, byte[], AFCallbackHandler, String) with an additional injected communication context.
java.util.List<QualifiedAgent>	authenticate(java.lang.String agentName, java.lang.String method, byte[] authenticationData, AFCallbackHandler callbackHandler, de.aristaflow.adept2.model.communication.InjectedCommContext context) Authentication.authenticate(String, String, byte[], AFCallbackHandler) with an additional injected communication context.
ClientSessionFactory[]	authenticateCombined(java.lang.String agentName, java.lang.String method, byte[] authenticationData, AFCallbackHandler callbackHandler, de.aristaflow.adept2.model.communication.InjectedCommContext context) Authentication.authenticateCombined(String, String, byte[], AFCallbackHandler) with an additional injected communication context.
SessionFactory	authenticatePrivileged(java.lang.String agentName, long orgPositionID, java.lang.String method, byte[] authenticationData, AFCallbackHandler callbackHandler, de.aristaflow.adept2.model.communication.InjectedCommContext context) SecurityManager.authenticatePrivileged(String, long, String, byte[], AFCallbackHandler) with an additional injected communication context.
SessionFactory[]	authenticatePrivilegedCombined(java.lang.String agentName, java.lang.String method, byte[] authenticationData, AFCallbackHandler callbackHandler, de.aristaflow.adept2.model.communication.InjectedCommContext context) SecurityManager.authenticatePrivilegedCombined(String, String, byte[], AFCallbackHandler) with an additional injected communication context.

Methods inherited from interface de.aristaflow.adept2.base.security.SecurityManager

authenticatePrivileged, authenticatePrivilegedCombined, authenticatePrivilegedCombined, getGlobalPublicKeySpec, getLocalPublicKeySpec

Methods inherited from interface de.aristaflow.adept2.base.security.Authentication

authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticateCombined, authenticateCombined, logoff

Field Detail

CONF_GSM_KEY_PUBLIC_EXPONENT

static final java.lang.String CONF_GSM_KEY_PUBLIC_EXPONENT

The configuration key for the exponent of the public key of the global security manager.

See Also:

Constant Field Values

CONF_GSM_KEY_PRIVATE_EXPONENT

static final java.lang.String CONF_GSM_KEY_PRIVATE_EXPONENT

The configuration key for the exponent of the private key of the global security manager.

See Also:

Constant Field Values

CONF_GSM_KEY_MODULUS

static final java.lang.String CONF_GSM_KEY_MODULUS

The configuration key for the modulus of the public/private key pair of the global security manager.

See Also:

Constant Field Values

CONF_LSM_KEY_PUBLIC_EXPONENT

static final java.lang.String CONF_LSM_KEY_PUBLIC_EXPONENT

The configuration key for the exponent of the public key of the local security manager.

See Also:

Constant Field Values

CONF_LSM_KEY_MODULUS

static final java.lang.String CONF_LSM_KEY_MODULUS

The configuration key for the modulus of the public/private key pair of the local security manager.

See Also:

Constant Field Values

KEY_DEFAULT_SIZE

static final int KEY_DEFAULT_SIZE

The default size of the RSA key.

See Also:

Constant Field Values

Method Detail

authenticate

java.util.List<QualifiedAgent> authenticate(java.lang.String agentName,
                                            java.lang.String method,
                                            byte[] authenticationData,
                                            AFCallbackHandler callbackHandler,
                                            de.aristaflow.adept2.model.communication.InjectedCommContext context)
                                     throws AuthenticationException

Authentication.authenticate(String, String, byte[], AFCallbackHandler) with an additional injected communication context. This also represents Authentication.authenticate(String, byte[], AFCallbackHandler) with the unneeded parameter set to null.

Parameters:

agentName - The unique name of the agent to authenticate.

method - The authentication method to use for authentication. This must not be null nor the empty string.

authenticationData - The data required by the designated authentication method.

callbackHandler - A handler for callbacks allowing the used authentication method to request further data.

context - The context provided by the communication to provide additional information that can be used for authentication.

Returns:

Objects representing the authenticated user in the occupied organisational positions. The list will be filtered according to the application name. It may also be the empty list.

Throws:

AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler, an AuthenticationException will be thrown.

authenticate

ClientSessionFactory authenticate(java.lang.String agentName,
                                  long orgPositionID,
                                  java.lang.String method,
                                  byte[] authenticationData,
                                  AFCallbackHandler callbackHandler,
                                  java.lang.String userSessionID,
                                  de.aristaflow.adept2.model.communication.InjectedCommContext context)
                           throws AuthenticationException

Authentication.authenticate(String, long, String, byte[], AFCallbackHandler, String) with an additional injected communication context. This also represents Authentication.authenticate(String, long, String, byte[], AFCallbackHandler) with the unneeded parameter set to null.

Parameters:

agentName - The unique name of the agent to authenticate.

orgPositionID - The ID of the organisational position of the corresponding QualifedAgent.

method - The authentication method to use for authentication. This must not be null nor the empty string.

authenticationData - The data required by the designated authentication method.

callbackHandler - A handler for callbacks allowing the used authentication method to request further data.

context - The context provided by the communication to provide additional information that can be used for authentication.

userSessionID - The ID of the user session which is provided by various (client) frameworks. For instance HTTP-frameworks use this HTTP-Session-ID to identify each user uniquely.

Returns:

The client session factory for the designated agent and the corresponding organisational position encapsulating the security.

Throws:

AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler or the agent is not allowed to log on at the provided application, an AuthenticationException will be thrown.

authenticateCombined

ClientSessionFactory[] authenticateCombined(java.lang.String agentName,
                                            java.lang.String method,
                                            byte[] authenticationData,
                                            AFCallbackHandler callbackHandler,
                                            de.aristaflow.adept2.model.communication.InjectedCommContext context)
                                     throws AuthenticationException

Authentication.authenticateCombined(String, String, byte[], AFCallbackHandler) with an additional injected communication context. This also represents Authentication.authenticateCombined(String, byte[], AFCallbackHandler) with the unneeded parameter set to null.

Parameters:

agentName - The unique name of the agent to authenticate.

method - The authentication method to use for authentication. This must not be null nor the empty string.

authenticationData - The data required by the designated authentication method.

callbackHandler - A handler for callbacks allowing the used authentication method to request further data. This may be null in case no callbacks (especially for choosing the organisational position or the user session ID) are required.

context - The context provided by the communication to provide additional information that can be used for authentication.

Returns:

The client session factory/factories for the designated agent and the chosen organisational position/positions encapsulating the security.

Throws:

AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler or the agent is not allowed to log on at the provided application, an AuthenticationException will be thrown.

authenticatePrivileged

SessionFactory authenticatePrivileged(java.lang.String agentName,
                                      long orgPositionID,
                                      java.lang.String method,
                                      byte[] authenticationData,
                                      AFCallbackHandler callbackHandler,
                                      de.aristaflow.adept2.model.communication.InjectedCommContext context)
                               throws AuthenticationException,
                                      IntegrityException

SecurityManager.authenticatePrivileged(String, long, String, byte[], AFCallbackHandler) with an additional injected communication context.

Parameters:

agentName - The unique name of the agent to authenticate.

orgPositionID - The ID of the organisational position of the corresponding QualifedAgent.

method - The authentication method to use for authentication. This must not be null nor the empty string.

authenticationData - The data required by the designated authentication method.

callbackHandler - A handler for callbacks allowing the used authentication method to request further data.

context - The context provided by the communication to provide additional information that can be used for authentication.

Returns:

The session factory for the designated agent and the corresponding organisational position encapsulating the security.

Throws:

AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler or the agent is not allowed to log on at the provided application, an AuthenticationException will be thrown.

IntegrityException - If setting the global security manager in the returned session token fails due to problems with the integrity of the local or the global security manager, an IntegrityException will be thrown.

authenticatePrivilegedCombined

SessionFactory[] authenticatePrivilegedCombined(java.lang.String agentName,
                                                java.lang.String method,
                                                byte[] authenticationData,
                                                AFCallbackHandler callbackHandler,
                                                de.aristaflow.adept2.model.communication.InjectedCommContext context)
                                         throws AuthenticationException,
                                                IntegrityException

SecurityManager.authenticatePrivilegedCombined(String, String, byte[], AFCallbackHandler) with an additional injected communication context. This also represents SecurityManager.authenticatePrivilegedCombined(String, byte[], AFCallbackHandler) with the unneeded parameter set to null.

Parameters:

agentName - The unique name of the agent to authenticate.

method - The authentication method to use for authentication. This must not be null nor the empty string.

authenticationData - The data required by the designated authentication method.

callbackHandler - A handler for callbacks allowing the used authentication method to request further data. This may be null in case no callbacks (especially for choosing the organisational position) are required.

context - The context provided by the communication to provide additional information that can be used for authentication.

Returns:

The session factory/factories for the designated agent and the chosen organisational position/positions encapsulating the security.

Throws:

AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler or the agent is not allowed to log on at the provided application, an AuthenticationException will be thrown.

IntegrityException - If setting the global security manager in the returned session token fails due to problems with the integrity of the local or the global security manager, an IntegrityException will be thrown.