当前页面: 在线文档首页 > JBoss 4.0.1 sp1 .net API Documentation 英文版文档
org.jboss.net.axis.server
JBossAuthenticationHandler (JBoss.Net API) - JBoss 4.0.1 sp1 .net API Documentation 英文版文档
|
|||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
org.jboss.net.axis.server
Class JBossAuthenticationHandler
java.lang.Objectorg.apache.axis.handlers.BasicHandler
- All Implemented Interfaces:
- org.apache.axis.Handler, Serializable
- public class JBossAuthenticationHandler
- extends org.apache.axis.handlers.BasicHandler
AuthenticationHandler that interacts with a given JBoss autentication manager via default simple principals and passchars from the HTTP Basic Authentication.
It is derived from org.apache.axis.handlers.SimpleAuthenticationHandler. Note that this is somehow redundant to the WebContainer security, but we want to be able to install different authentication schemes for different web services behind a single entry-point.
Per default, unauthenticated calls will be routed by NOT asking the jboss auth manager for validation (most domains still would refuse NobodyPrincipal, no matter how configured) and building a "null" security association.
By specifiying the validateUnauthenticatedCalls=true option, the handler will however try to interface the securityManager with the NobodyPrincipal and an empty password and ask for a proper security association. This is important when dealing with MS Clients (thanks to John Landers for pointing this out) that won锟絫 send any authentication data if not confronted with an HTTP error on the first try.
- Since:
- 14.03.2002
- Version:
- $Revision: 1.6.8.1 $
- Author:
- Christoph G. Jung
- See Also:
- Serialized Form
| Field Summary | |
protected org.jboss.security.SubjectSecurityManager |
authMgr
this is the authentication manager that is responsible for our security domain if that is null, this authenticationhandler will block any call, rather deactivate the handler, then, or run against a NullSecurityManager |
protected boolean |
isInitialised
whether this handler has been initialized already |
protected boolean |
shouldValidateUnauthenticatedCalls
whether this handler should let through unauthenticated calls |
| Fields inherited from class org.apache.axis.handlers.BasicHandler |
makeLockable, name, options |
| Constructor Summary | |
JBossAuthenticationHandler()
default, all options are set afterwards |
|
| Method Summary | |
protected Subject |
associate(Principal userPrincipal,
String passwd)
associates the call context with the given info |
protected Principal |
getPrincipal(String userName)
creates a new principal belonging to the given username, override to adapt to specific security domains. |
protected void |
initialise()
initialize this authenticationhandler lazy, after the options have been set. |
void |
invoke(org.apache.axis.MessageContext msgContext)
Authenticate the user and password from the msgContext. |
protected Subject |
validate(Principal userPrincipal,
String passwd)
validates the given principal with the given password |
| Methods inherited from class org.apache.axis.handlers.BasicHandler |
canHandleBlock, cleanup, generateWSDL, getDeploymentData, getName, getOption, getOptions, getUnderstoodHeaders, init, initHashtable, onFault, setName, setOption, setOptionDefault, setOptions, setOptionsLockable |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
isInitialised
protected boolean isInitialised
- whether this handler has been initialized already
shouldValidateUnauthenticatedCalls
protected boolean shouldValidateUnauthenticatedCalls
- whether this handler should let through unauthenticated calls
authMgr
protected org.jboss.security.SubjectSecurityManager authMgr
- this is the authentication manager that is responsible for our security domain
if that is null, this authenticationhandler will block any call, rather deactivate
the handler, then, or run against a NullSecurityManager
| Constructor Detail |
JBossAuthenticationHandler
public JBossAuthenticationHandler()
- default, all options are set afterwards
| Method Detail |
initialise
protected void initialise()
throws org.apache.axis.AxisFault
- initialize this authenticationhandler lazy, after the options have been
set.
- Throws:
org.apache.axis.AxisFault
getPrincipal
protected Principal getPrincipal(String userName)
- creates a new principal belonging to the given username,
override to adapt to specific security domains.
validate
protected Subject validate(Principal userPrincipal, String passwd) throws org.apache.axis.AxisFault
- validates the given principal with the given password
- Throws:
org.apache.axis.AxisFault
associate
protected Subject associate(Principal userPrincipal, String passwd)
- associates the call context with the given info
invoke
public void invoke(org.apache.axis.MessageContext msgContext)
throws org.apache.axis.AxisFault
- Authenticate the user and password from the msgContext. Note that
we do not disassociate the subject here, since that would have
to be done by a separate handler in the response chain and we
currently expect Jetty or the WebContainer to do that for us
- Throws:
org.apache.axis.AxisFault
|
|||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
Copyright © 2002 JBoss Group, LLC. All Rights Reserved.