Class CertUserDBAuthentication

java.lang.Object
org.dogtagpki.server.authentication.AuthManager
com.netscape.cmscore.authentication.CertUserDBAuthentication

public class CertUserDBAuthentication extends AuthManager
Certificate server agent authentication. Maps a SSL client authenticate certificate to a user (agent) entry in the internal database.

Version:
$Revision$, $Date$
Author:
lhsiao, cfu
  • Field Details

  • Constructor Details

    • CertUserDBAuthentication

      public CertUserDBAuthentication()
  • Method Details

    • init

      public void init(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config) throws EBaseException
      initializes the CertUserDBAuthentication auth manager

      called by AuthSubsystem init() method, when initializing all available authentication managers.

      Specified by:
      init in class AuthManager
      Parameters:
      implName - - The authentication subsystem that hosts this auth manager
      config - - The configuration store used by the authentication subsystem
      name - The name of this authentication manager instance.
      Throws:
      EBaseException - If an initialization error occurred.
    • init

      public void init(ConfigStore config) throws EProfileException
      Description copied from class: AuthManager
      Initializes this default policy.
      Specified by:
      init in class AuthManager
      Parameters:
      config - configuration store
      Throws:
      EProfileException - failed to initialize
    • getText

      public String getText(Locale locale)
      Description copied from class: AuthManager
      Retrieves the localizable description of this policy.
      Specified by:
      getText in class AuthManager
      Parameters:
      locale - end user locale
      Returns:
      localized authenticator description
    • getValueNames

      public Enumeration<String> getValueNames()
      Description copied from class: AuthManager
      Retrieves a list of names of the property.
      Specified by:
      getValueNames in class AuthManager
      Returns:
      a list of property names
    • getValueDescriptor

      public IDescriptor getValueDescriptor(Locale locale, String name)
      Description copied from class: AuthManager
      Retrieves the descriptor of the given value property by name.
      Specified by:
      getValueDescriptor in class AuthManager
      Parameters:
      locale - user locale
      name - property name
      Returns:
      descriptor of the requested property
    • isValueWriteable

      public boolean isValueWriteable(String name)
      Description copied from class: AuthManager
      Checks if the value of the given property should be serializable into the request. Passsword or other security-related value may not be desirable for storage.
      Specified by:
      isValueWriteable in class AuthManager
      Parameters:
      name - property name
      Returns:
      true if the property is not security related
    • isSSLClientRequired

      public boolean isSSLClientRequired()
      Description copied from class: AuthManager
      Checks if this authenticator requires SSL client authentication.
      Specified by:
      isSSLClientRequired in class AuthManager
      Returns:
      client authentication required or not
    • authenticate

      authenticates user(agent) by certificate

      called by other subsystems or their servlets to authenticate users (agents)

      Specified by:
      authenticate in class AuthManager
      Parameters:
      authCred - - authentication credential that contains an usrgrp.Certificates of the user (agent)
      Returns:
      the authentication token that contains the following
      Throws:
      com.netscape.certsrv.base.EAuthsException - any authentication failure or insufficient credentials
      EMissingCredential - If a required credential for this authentication manager is missing.
      EInvalidCredentials - If credentials cannot be authenticated.
      EBaseException - If an internal error occurred.
      See Also:
    • populate

      public void populate(AuthToken token, Request request) throws EProfileException
      Description copied from class: AuthManager
      Populates authentication specific information into the request for auditing purposes.
      Specified by:
      populate in class AuthManager
      Parameters:
      token - authentication token
      request - request
      Throws:
      EProfileException - failed to populate
    • getRequiredCreds

      public String[] getRequiredCreds()
      get the list of authentication credential attribute names required by this authentication manager. Generally used by the servlets that handle agent operations to authenticate its users. It calls this method to know which are the required credentials from the user (e.g. Javascript form data)
      Specified by:
      getRequiredCreds in class AuthManager
      Returns:
      attribute names in Vector
    • shutdown

      public void shutdown()
      prepare this authentication manager for shutdown.
      Specified by:
      shutdown in class AuthManager