Examples of com.sun.enterprise.security.jauth.AuthConfig

• com.sun.enterprise.security.jauth.AuthConfig
  This class manages the configuration AuthModules.

  An AuthModule represents a pluggable component for performing security-related request and response processing, and can be configured for a particular interception point and provider ID. The provider ID is an administrator-defined value. The standard interception points include:

  • HTTP
  • EJB
  • SOAP

  Information may be associated with a configured module, including its fully qualified class name (so it can be instantiated), and module options (which help tune the behavior of the module). It is the responsibility of the AuthConfig implementation to load any required module information.

  Callers do not operate on AuthModules directly. Instead they rely on a ClientAuthContext or ServerAuthContext to manage the invocation of modules. A caller obtains an instance of ClientAuthContext or ServerAuthContext by calling the getClientAuthContext or getServerAuthContext method, respectively. Each method takes as arguments an intercept, an id, a requestPolicy, and a responsePolicy.

  An AuthConfig implementation determines the modules to be invoked via the intercept and id values. It then encapsulates those modules in a ClientAuthContext or ServerAuthContext instance, and returns that instance. The returned object is responsible for instantiating, initializing, and invoking the configured modules (when called upon).

  The module initializion step involves calling each configured module's AuthModule.initialize method. The received requestPolicy and responsePolicy are passed to this method. It is then the modules' responsibility, when invoked, to enforce these policies.

  A system-wide AuthConfig instance can be retrieved by invoking getConfig. A default implementation is provided, and can be replaced by setting the value of the "authconfig.provider" security property (in the Java security properties file) to the fully qualified name of the desired implementation class. The Java security properties file is located in the file named <JAVA_HOME>/lib/security/java.security, where <JAVA_HOME> refers to the directory where the JDK was installed. @version %I%, %G% @see ClientAuthContext @see ServerAuthContext

    }

    private static ServerAuthContext getAuthContext
  (String layer, String provider, AuthPolicy requestPolicy,
   AuthPolicy responsePolicy,CallbackHandler cbh) throws AuthException {
  AuthConfig authConfig = AuthConfig.getAuthConfig();
  return authConfig.getServerAuthContext
      (layer,provider,requestPolicy,responsePolicy,cbh);
    }

    }

    private static ClientAuthContext getAuthContext
  (String layer, String provider, AuthPolicy requestPolicy,
   AuthPolicy responsePolicy,CallbackHandler cbh) throws AuthException {
  AuthConfig authConfig = AuthConfig.getAuthConfig();
  return authConfig.getClientAuthContext
      (layer,provider,requestPolicy,responsePolicy,cbh);
    }