Class AuthSubsystem

  • All Implemented Interfaces:
    ISubsystem

    public class AuthSubsystem
    extends java.lang.Object
    implements ISubsystem
    Default authentication subsystem

    Version:
    $Revision$, $Date$
    Author:
    cfu, lhsiao
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void add​(java.lang.String name, AuthManager authMgrInst)
      Add an authentication manager instance.
      com.netscape.certsrv.authentication.IAuthToken authenticate​(com.netscape.certsrv.authentication.IAuthCredentials authCred, java.lang.String authMgrInstName)
      Authenticate to the named authentication manager instance
      void delete​(java.lang.String name)
      Removes a authentication manager instance.
      AuthManager get​(java.lang.String name)
      Gets the authentication manager instance of the specified name.
      AuthManager getAuthManager​(java.lang.String name)
      gets the named authentication manager
      AuthManager getAuthManagerPlugin​(java.lang.String name)
      Retrieve a single auth manager instance
      com.netscape.certsrv.authentication.AuthMgrPlugin getAuthManagerPluginImpl​(java.lang.String name)
      retrieve a single auth manager plugin by name
      java.util.Enumeration<com.netscape.certsrv.authentication.AuthMgrPlugin> getAuthManagerPlugins()
      Enumerate all registered authentication manager plugins.
      java.util.Enumeration<AuthManager> getAuthManagers()
      Enumerate all authentication manager instances.
      java.lang.String[] getConfigParams​(java.lang.String implName)
      Gets configuration parameters for the given authentication manager plugin.
      AuthenticationConfig getConfigStore()
      Returns the root configuration storage of this system.
      java.lang.String getId()
      Retrieves id (name) of this subsystem.
      static AuthSubsystem getInstance()  
      java.util.Hashtable<java.lang.String,​AuthManagerProxy> getInstances()
      Get a hashtable containing all authentication instances.
      java.util.Hashtable<java.lang.String,​com.netscape.certsrv.authentication.AuthMgrPlugin> getPlugins()
      Get a hashtable containing all authentication plugins.
      java.lang.String[] getRequiredCreds​(java.lang.String authMgrInstName)
      Gets a list of required authentication credential names of the specified authentication manager.
      void init​(IConfigStore config)
      Initializes the authentication subsystem from the config store.
      void setId​(java.lang.String id)
      Sets id string to this subsystem.
      void shutdown()
      shuts down authentication managers one by one.
      void startup()
      registers the administration servlet with the administration subsystem.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • PASSWDUSERDB_PLUGIN_ID

        public static final java.lang.String PASSWDUSERDB_PLUGIN_ID
        Constant for password based authentication plugin ID.
        See Also:
        Constant Field Values
      • CERTUSERDB_PLUGIN_ID

        public static final java.lang.String CERTUSERDB_PLUGIN_ID
        Constant for certificate based authentication plugin ID.
        See Also:
        Constant Field Values
      • CHALLENGE_PLUGIN_ID

        public static final java.lang.String CHALLENGE_PLUGIN_ID
        Constant for challenge based authentication plugin ID.
        See Also:
        Constant Field Values
      • NULL_PLUGIN_ID

        public static final java.lang.String NULL_PLUGIN_ID
        Constant for null authentication plugin ID.
        See Also:
        Constant Field Values
      • SSLCLIENTCERT_PLUGIN_ID

        public static final java.lang.String SSLCLIENTCERT_PLUGIN_ID
        Constant for ssl client authentication plugin ID.
        See Also:
        Constant Field Values
      • PASSWDUSERDB_AUTHMGR_ID

        public static final java.lang.String PASSWDUSERDB_AUTHMGR_ID
        Constant for password based authentication manager ID.
        See Also:
        Constant Field Values
      • CERTUSERDB_AUTHMGR_ID

        public static final java.lang.String CERTUSERDB_AUTHMGR_ID
        Constant for certificate based authentication manager ID.
        See Also:
        Constant Field Values
      • CHALLENGE_AUTHMGR_ID

        public static final java.lang.String CHALLENGE_AUTHMGR_ID
        Constant for challenge based authentication manager ID.
        See Also:
        Constant Field Values
      • NULL_AUTHMGR_ID

        public static final java.lang.String NULL_AUTHMGR_ID
        Constant for null authentication manager ID.
        See Also:
        Constant Field Values
      • SSLCLIENTCERT_AUTHMGR_ID

        public static final java.lang.String SSLCLIENTCERT_AUTHMGR_ID
        Constant for ssl client authentication manager ID.
        See Also:
        Constant Field Values
      • CMCAUTH_PLUGIN_ID

        public static final java.lang.String CMCAUTH_PLUGIN_ID
        Constant for CMC authentication plugin ID.
        See Also:
        Constant Field Values
      • CMCAUTH_AUTHMGR_ID

        public static final java.lang.String CMCAUTH_AUTHMGR_ID
        Constant for CMC authentication manager ID.
        See Also:
        Constant Field Values
      • CMC_USER_SIGNED_AUTH_AUTHMGR_ID

        public static final java.lang.String CMC_USER_SIGNED_AUTH_AUTHMGR_ID
        Constant for CMC user-signed authentication manager ID.
        See Also:
        Constant Field Values
      • mAuthMgrPlugins

        public java.util.Hashtable<java.lang.String,​com.netscape.certsrv.authentication.AuthMgrPlugin> mAuthMgrPlugins
      • mAuthMgrInsts

        public java.util.Hashtable<java.lang.String,​AuthManagerProxy> mAuthMgrInsts
    • Method Detail

      • init

        public void init​(IConfigStore config)
                  throws EBaseException
        Initializes the authentication subsystem from the config store. Load Authentication manager plugins, create and initialize initialize authentication manager instances.
        Specified by:
        init in interface ISubsystem
        Parameters:
        config - The configuration store.
        Throws:
        EBaseException - failed to initialize
      • authenticate

        public com.netscape.certsrv.authentication.IAuthToken authenticate​(com.netscape.certsrv.authentication.IAuthCredentials authCred,
                                                                           java.lang.String authMgrInstName)
                                                                    throws com.netscape.certsrv.authentication.EMissingCredential,
                                                                           com.netscape.certsrv.authentication.EInvalidCredentials,
                                                                           com.netscape.certsrv.authentication.EAuthMgrNotFound,
                                                                           EBaseException
        Authenticate to the named authentication manager instance

        Parameters:
        authCred - authentication credentials subject to the requirements of each authentication manager
        authMgrName - name of the authentication manager instance
        Returns:
        authentication token with individualized authenticated information.
        Throws:
        com.netscape.certsrv.authentication.EMissingCredential - If a required credential for the authentication manager is missing.
        com.netscape.certsrv.authentication.EInvalidCredentials - If the credentials cannot be authenticated
        com.netscape.certsrv.authentication.EAuthMgrNotFound - The auth manager is not found.
        EBaseException - If an internal error occurred.
      • getRequiredCreds

        public java.lang.String[] getRequiredCreds​(java.lang.String authMgrInstName)
                                            throws com.netscape.certsrv.authentication.EAuthMgrNotFound
        Gets a list of required authentication credential names of the specified authentication manager.
        Parameters:
        authMgrName - The authentication manager name
        Returns:
        a Vector of required credential attribute names.
        Throws:
        com.netscape.certsrv.authentication.EAuthMgrNotFound
      • getConfigParams

        public java.lang.String[] getConfigParams​(java.lang.String implName)
                                           throws com.netscape.certsrv.authentication.EAuthMgrPluginNotFound,
                                                  EBaseException
        Gets configuration parameters for the given authentication manager plugin.
        Parameters:
        implName - Name of the authentication plugin.
        Returns:
        Hashtable of required parameters.
        Throws:
        com.netscape.certsrv.authentication.EAuthMgrPluginNotFound
        EBaseException
      • add

        public void add​(java.lang.String name,
                        AuthManager authMgrInst)
        Add an authentication manager instance.
        Parameters:
        name - name of the authentication manager instance
        authMgr - the authentication manager instance to be added
      • delete

        public void delete​(java.lang.String name)
        Removes a authentication manager instance.
        Parameters:
        name - name of the authentication manager
      • get

        public AuthManager get​(java.lang.String name)
        Gets the authentication manager instance of the specified name.
        Parameters:
        name - name of the authentication manager instance
        Returns:
        the named authentication manager instance
      • getAuthManagers

        public java.util.Enumeration<AuthManager> getAuthManagers()
        Enumerate all authentication manager instances.
      • getAuthManagerPlugins

        public java.util.Enumeration<com.netscape.certsrv.authentication.AuthMgrPlugin> getAuthManagerPlugins()
        Enumerate all registered authentication manager plugins.
      • getAuthManagerPluginImpl

        public com.netscape.certsrv.authentication.AuthMgrPlugin getAuthManagerPluginImpl​(java.lang.String name)
        retrieve a single auth manager plugin by name
      • getAuthManagerPlugin

        public AuthManager getAuthManagerPlugin​(java.lang.String name)
        Retrieve a single auth manager instance
      • getId

        public java.lang.String getId()
        Retrieves id (name) of this subsystem.
        Specified by:
        getId in interface ISubsystem
        Returns:
        name of the authentication subsystem
      • setId

        public void setId​(java.lang.String id)
                   throws EBaseException
        Sets id string to this subsystem.

        Use with caution. Should not do it when sharing with others

        Specified by:
        setId in interface ISubsystem
        Parameters:
        id - name to be applied to an authentication sybsystem
        Throws:
        EBaseException - failed to set id
      • shutdown

        public void shutdown()
        shuts down authentication managers one by one.

        Specified by:
        shutdown in interface ISubsystem
      • getPlugins

        public java.util.Hashtable<java.lang.String,​com.netscape.certsrv.authentication.AuthMgrPlugin> getPlugins()
        Get a hashtable containing all authentication plugins.
        Returns:
        all authentication plugins.
      • getInstances

        public java.util.Hashtable<java.lang.String,​AuthManagerProxy> getInstances()
        Get a hashtable containing all authentication instances.
        Returns:
        all authentication instances.
      • getConfigStore

        public AuthenticationConfig getConfigStore()
        Returns the root configuration storage of this system.
        Specified by:
        getConfigStore in interface ISubsystem
        Returns:
        configuration store of this subsystem
      • getAuthManager

        public AuthManager getAuthManager​(java.lang.String name)
        gets the named authentication manager
        Parameters:
        name - of the authentication manager
        Returns:
        the named authentication manager