AuthConfig (Payara Project 5.193.1 API)

java.lang.Object
- com.sun.enterprise.security.jauth.AuthConfig

```
public abstract class AuthConfig
extends Object
```
This class manages the configuration AuthModules.
An AuthModule represents a pluggable component for performing security-related request and response processing, and can be configured for a particular interception point and provider ID. The provider ID is an administrator-defined value. The standard interception points include:
- HTTP
- EJB
- SOAP
Information may be associated with a configured module, including its fully qualified class name (so it can be instantiated), and module options (which help tune the behavior of the module). It is the responsibility of the AuthConfig implementation to load any required module information.
Callers do not operate on AuthModules directly. Instead they rely on a ClientAuthContext or ServerAuthContext to manage the invocation of modules. A caller obtains an instance of ClientAuthContext or ServerAuthContext by calling the getClientAuthContext or getServerAuthContext method, respectively. Each method takes as arguments an intercept, an id, a requestPolicy, and a responsePolicy.
An AuthConfig implementation determines the modules to be invoked via the intercept and id values. It then encapsulates those modules in a ClientAuthContext or ServerAuthContext instance, and returns that instance. The returned object is responsible for instantiating, initializing, and invoking the configured modules (when called upon).
The module initializion step involves calling each configured module's AuthModule.initialize method. The received requestPolicy and responsePolicy are passed to this method. It is then the modules' responsibility, when invoked, to enforce these policies.
A system-wide AuthConfig instance can be retrieved by invoking getConfig. A default implementation is provided, and can be replaced by setting the value of the "authconfig.provider" security property (in the Java security properties file) to the fully qualified name of the desired implementation class. The Java security properties file is located in the file named <JAVA_HOME>/lib/security/java.security, where <JAVA_HOME> refers to the directory where the JDK was installed.
Version:

%I%, %G%

See Also:

ClientAuthContext, ServerAuthContext

Field Summary

Fields
Modifier and Type Field and Description

static String EJB
EJB interception point.

static String HTTP
HTTP interception point.

static String SOAP
SOAP interception point.

Fields
Modifier and Type	Field and Description
`static String`	`EJB` EJB interception point.
`static String`	`HTTP` HTTP interception point.
`static String`	`SOAP` SOAP interception point.

Constructor Summary

Constructors
Modifier Constructor and Description

protected AuthConfig()
Sole constructor.

Constructors
Modifier	Constructor and Description
`protected`	`AuthConfig()` Sole constructor.

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`static AuthConfig`	`getAuthConfig()` Get a system-wide module configuration.
`abstract ClientAuthContext`	`getClientAuthContext(String intercept, String id, AuthPolicy requestPolicy, AuthPolicy responsePolicy, CallbackHandler handler)` Get a ClientAuthContext.
`abstract ServerAuthContext`	`getServerAuthContext(String intercept, String id, AuthPolicy requestPolicy, AuthPolicy responsePolicy, CallbackHandler handler)` Get a ServerAuthContext.
`abstract void`	`refresh()` Refresh the internal representation of the active configuration by re-reading the provider configs.
`static void`	`setAuthConfig(AuthConfig config)` Set a system-wide module configuration.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - HTTP
```
public static final String HTTP
```
    HTTP interception point.
    
    See Also:
    
    Constant Field Values
  - EJB
```
public static final String EJB
```
    EJB interception point.
    
    See Also:
    
    Constant Field Values
  - SOAP
```
public static final String SOAP
```
    SOAP interception point.
    
    See Also:
    
    Constant Field Values
- Constructor Detail
  - AuthConfig
```
protected AuthConfig()
```
    Sole constructor. (For invocation by subclass constructors, typically implicit.)
- Method Detail
  - getAuthConfig
```
public static AuthConfig getAuthConfig()
```
    Get a system-wide module configuration.
    If an AuthConfig object was set via the setAuthConfig method, then that object is returned. Otherwise, an instance of the AuthConfig object configured in the authconfig.provider security property is returned. If that property is not set, a default implementation is returned.
    
    Returns:
    
    a system-wide AuthConfig instance.
    
    Throws:
    
    SecurityException - if the caller does not have permission to retrieve the configuration.
  - setAuthConfig
```
public static void setAuthConfig(AuthConfig config)
```
    Set a system-wide module configuration.
    
    Parameters:
    
    config - the new configuration.
    
    Throws:
    
    SecurityException - if the caller does not have permission to set the configuration.
  - getClientAuthContext
```
public abstract ClientAuthContext getClientAuthContext(String intercept,
                                                       String id,
                                                       AuthPolicy requestPolicy,
                                                       AuthPolicy responsePolicy,
                                                       CallbackHandler handler)
                                                throws AuthException
```
    Get a ClientAuthContext.
    The modules configured for the returned ClientAuthContext are determined by the intercept and provider id input parameters. The returned ClientAuthContext may be null, which signifies that there are no modules configured.
    The returned ClientAuthContext encapsulates both the configured modules, as well as the module invocation semantics (for example the order modules are to be invoked, and whether certain modules must succeed). Individual ClientAuthContext implementations may enforce custom module invocation semantics.
    Parameters:
    intercept - the interception point used to determine the modules configured for the returned ClientAuthContext. Standard values include:
    
    HTTP
    EJB
    SOAP
    id - the provider id used to determine the modules configured for the returned ClientAuthContext, or null. If null, a default ID may be used.
    
    requestPolicy - the application request policy to be enfored by the modules, or null. If null, a default request policy may be used.
    
    responsePolicy - the application response policy to be enfored by the modules, or null. If null, a default response policy may be used.
    
    handler - the CallbackHandler to associate with the returned ClientAuthContext for use by configured modules to request information from the caller, or null. If null, a default handler may be used.
    
    Returns:
    
    a ClientAuthContext, or null.
    
    Throws:
    
    AuthException
  - getServerAuthContext
```
public abstract ServerAuthContext getServerAuthContext(String intercept,
                                                       String id,
                                                       AuthPolicy requestPolicy,
                                                       AuthPolicy responsePolicy,
                                                       CallbackHandler handler)
                                                throws AuthException
```
    Get a ServerAuthContext.
    The modules configured for the returned ServerAuthContext are determined by the intercept and provider id, input parameters. The returned ServerAuthContext may be null, which signifies that there are no modules configured.
    The returned ServerAuthContext encapsulates both the configured modules, as well as the module invocation semantics (for example the order modules are to be invoked, and whether certain modules must succeed). Individual ServerAuthContext implementations may enforce custom module invocation semantics.
    Parameters:
    intercept - the interception point used to determine the modules configured for the returned ServerAuthContext. Standard values include:
    
    HTTP
    EJB
    SOAP
    id - the provider id used to determine the modules configured for the returned ClientAuthContext, or null. If null, a default id may be used.
    
    requestPolicy - the application request policy to be enfored by the modules, or null. If null, a default request policy may be used.
    
    responsePolicy - the application response policy to be enfored by the modules, or null. If null, a default response policy may be used.
    
    handler - the CallbackHandler to associate with the returned ClientAuthContext, which can be used by configured modules to request information from the caller, or null. If null, a default handler may be used.
    
    Returns:
    
    a ServerAuthContext, or null.
    
    Throws:
    
    AuthException
  - refresh
```
public abstract void refresh()
                      throws AuthException
```
    Refresh the internal representation of the active configuration by re-reading the provider configs.
    
    Throws:
    
    AuthException

Class AuthConfig

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

HTTP

EJB

SOAP

Constructor Detail

AuthConfig

Method Detail

getAuthConfig

setAuthConfig

getClientAuthContext

getServerAuthContext

refresh