Interface GlobalSecurityManager

  • All Superinterfaces:
    Authentication, SecurityManager

    public interface GlobalSecurityManager
    extends SecurityManager
    The global security manager extends the normal security manager with methods that accept an additional communication context. This context carries communication-related information that can be used for authentication.
    • Field Detail

      • CONF_GSM_KEY_PUBLIC_EXPONENT

        static final String CONF_GSM_KEY_PUBLIC_EXPONENT
        The configuration key for the exponent of the public key of the global security manager.
        See Also:
        Constant Field Values
      • CONF_GSM_KEY_PRIVATE_EXPONENT

        static final String CONF_GSM_KEY_PRIVATE_EXPONENT
        The configuration key for the exponent of the private key of the global security manager.
        See Also:
        Constant Field Values
      • CONF_GSM_KEY_MODULUS

        static final String CONF_GSM_KEY_MODULUS
        The configuration key for the modulus of the public/private key pair of the global security manager.
        See Also:
        Constant Field Values
      • CONF_LSM_KEY_PUBLIC_EXPONENT

        static final String CONF_LSM_KEY_PUBLIC_EXPONENT
        The configuration key for the exponent of the public key of the local security manager.
        See Also:
        Constant Field Values
      • CONF_LSM_KEY_MODULUS

        static final String CONF_LSM_KEY_MODULUS
        The configuration key for the modulus of the public/private key pair of the local security manager.
        See Also:
        Constant Field Values
      • KEY_DEFAULT_SIZE

        static final int KEY_DEFAULT_SIZE
        The default size of the RSA key.
        See Also:
        Constant Field Values
    • Method Detail

      • authenticate

        List<QualifiedAgent> authenticate(String agentName,
                                          String method,
                                          byte[] authenticationData,
                                          AFCallbackHandler callbackHandler,
                                          de.aristaflow.adept2.model.communication.InjectedCommContext context)
                                   throws AuthenticationException
        Authentication.authenticate(String, String, byte[], AFCallbackHandler) with an additional injected communication context. This also represents Authentication.authenticate(String, byte[], AFCallbackHandler) with the unneeded parameter set to null.
        Parameters:
        agentName - The unique name of the agent to authenticate.
        method - The authentication method to use for authentication. This must be neither null nor the empty string.
        authenticationData - The data required by the designated authentication method.
        callbackHandler - A handler for callbacks allowing the used authentication method to request further data.
        context - The context provided by the communication to provide additional information that can be used for authentication.
        Returns:
        Objects representing the authenticated user in the occupied organisational positions. The list will be filtered according to the application name. It may also be the empty list.
        Throws:
        AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler, an AuthenticationException will be thrown.
      • authenticate

        ClientSessionFactory authenticate(String agentName,
                                          long orgPositionID,
                                          String method,
                                          byte[] authenticationData,
                                          AFCallbackHandler callbackHandler,
                                          String userSessionID,
                                          de.aristaflow.adept2.model.communication.InjectedCommContext context)
                                   throws AuthenticationException
        Authentication.authenticate(String, long, String, byte[], AFCallbackHandler, String) with an additional injected communication context. This also represents Authentication.authenticate(String, long, String, byte[], AFCallbackHandler) with the unneeded parameter set to null.
        Parameters:
        agentName - The unique name of the agent to authenticate.
        orgPositionID - The ID of the organisational position of the corresponding QualifiedAgent.
        method - The authentication method to use for authentication. This must be neither null nor the empty string.
        authenticationData - The data required by the designated authentication method.
        callbackHandler - A handler for callbacks allowing the used authentication method to request further data.
        context - The context provided by the communication to provide additional information that can be used for authentication.
        userSessionID - The ID of the user session, which is provided by various (client) frameworks. For instance, HTTP frameworks use the HTTP session ID to identify each user uniquely.
        Returns:
        The client session factory for the designated agent and the corresponding organisational position encapsulating the security.
        Throws:
        AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler or the agent is not allowed to log on at the provided application, an AuthenticationException will be thrown.
      • authenticateCombined

        ClientSessionFactory[] authenticateCombined(String agentName,
                                                    String method,
                                                    byte[] authenticationData,
                                                    AFCallbackHandler callbackHandler,
                                                    de.aristaflow.adept2.model.communication.InjectedCommContext context)
                                             throws AuthenticationException
        Authentication.authenticateCombined(String, String, byte[], AFCallbackHandler) with an additional injected communication context. This also represents Authentication.authenticateCombined(String, byte[], AFCallbackHandler) with the unneeded parameter set to null.
        Parameters:
        agentName - The unique name of the agent to authenticate.
        method - The authentication method to use for authentication. This must be neither null nor the empty string.
        authenticationData - The data required by the designated authentication method.
        callbackHandler - A handler for callbacks allowing the used authentication method to request further data. This may be null in case no callbacks (especially for choosing the organisational position or the user session ID) are required.
        context - The context provided by the communication to provide additional information that can be used for authentication.
        Returns:
        The client session factory/factories for the designated agent and the chosen organisational position/positions encapsulating the security.
        Throws:
        AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler or the agent is not allowed to log on at the provided application, an AuthenticationException will be thrown.
      • authenticatePrivileged

        SessionFactory authenticatePrivileged(String agentName,
                                              long orgPositionID,
                                              String method,
                                              byte[] authenticationData,
                                              AFCallbackHandler callbackHandler,
                                              de.aristaflow.adept2.model.communication.InjectedCommContext context)
                                       throws AuthenticationException,
                                              IntegrityException
        Parameters:
        agentName - The unique name of the agent to authenticate.
        orgPositionID - The ID of the organisational position of the corresponding QualifiedAgent.
        method - The authentication method to use for authentication. This must be neither null nor the empty string.
        authenticationData - The data required by the designated authentication method.
        callbackHandler - A handler for callbacks allowing the used authentication method to request further data.
        context - The context provided by the communication to provide additional information that can be used for authentication.
        Returns:
        The session factory for the designated agent and the corresponding organisational position encapsulating the security.
        Throws:
        AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler or the agent is not allowed to log on at the provided application, an AuthenticationException will be thrown.
        IntegrityException - If setting the global security manager in the returned session token fails due to problems with the integrity of the local or the global security manager, an IntegrityException will be thrown.
      • authenticatePrivilegedCombined

        SessionFactory[] authenticatePrivilegedCombined(String agentName,
                                                        String method,
                                                        byte[] authenticationData,
                                                        AFCallbackHandler callbackHandler,
                                                        de.aristaflow.adept2.model.communication.InjectedCommContext context)
                                                 throws AuthenticationException,
                                                        IntegrityException
        SecurityManager.authenticatePrivilegedCombined(String, String, byte[], AFCallbackHandler) with an additional injected communication context. This also represents SecurityManager.authenticatePrivilegedCombined(String, byte[], AFCallbackHandler) with the unneeded parameter set to null.
        Parameters:
        agentName - The unique name of the agent to authenticate.
        method - The authentication method to use for authentication. This must be neither null nor the empty string.
        authenticationData - The data required by the designated authentication method.
        callbackHandler - A handler for callbacks allowing the used authentication method to request further data. This may be null in case no callbacks (especially for choosing the organisational position) are required.
        context - The context provided by the communication to provide additional information that can be used for authentication.
        Returns:
        The session factory/factories for the designated agent and the chosen organisational position/positions encapsulating the security.
        Throws:
        AuthenticationException - If the designated agent cannot be authenticated by the designated data with the designated authentication method and the callback handler or the agent is not allowed to log on at the provided application, an AuthenticationException will be thrown.
        IntegrityException - If setting the global security manager in the returned session token fails due to problems with the integrity of the local or the global security manager, an IntegrityException will be thrown.