Package org.glassfish.security.services.api.authentication

Interface AuthenticationService

All Superinterfaces:
SecurityService
All Known Implementing Classes:
AuthenticationServiceImpl
@Contract public interface AuthenticationService extends SecurityService
The AuthenticationService provides basic authentication functions. Consumers of the service must establish Subjects in any security context.

  • Method Summary

    Modifier and Type
    Method
    Description
    Subject
    impersonate(String user, String[] groups, Subject subject, boolean virtual)
    Impersonate a user, specifying the user and group principal names that should be established in the resulting Subject.
    Subject
    login(String username, char[] password, Subject subject)
    Log in a user with username and password.
    Subject
    login(CallbackHandler cbh, Subject subject)
    Authenticate using a CallbackHandler to provider username/password, X.509 certificate, or Secure Admin token.

    Methods inherited from interface org.glassfish.security.services.api.SecurityService

    initialize

  • Method Details

    • login

      Subject login(String username, char[] password, Subject subject) throws LoginException
      Log in a user with username and password.
      Parameters:
      username - The username.
      password - The password.
      subject - An optional Subject to receive principals and credentials for the logged in user. If provided, it will be returned as the return value; if not, a new Subject will be returned.
      Returns:
      A Subject representing the logged in user.
      Throws:
      LoginException

    • login

      Subject login(CallbackHandler cbh, Subject subject) throws LoginException
      Authenticate using a CallbackHandler to provider username/password, X.509 certificate, or Secure Admin token.
      Parameters:
      cbh - The CallbackHandler.
      subject - An optional Subject to receive principals and credentials for the logged in user. If provided, it will be returned as the return value; if not, a new Subject will be returned.
      Returns:
      A Subject representing the logged in user.
      Throws:
      LoginException

    • impersonate

      Subject impersonate(String user, String[] groups, Subject subject, boolean virtual) throws LoginException
      Impersonate a user, specifying the user and group principal names that should be established in the resulting Subject. Note that, that this method always behaves as if virtual were true in the case that the underlying user store provider does not support user lookup.
      Parameters:
      user - The username.
      groups - An array of group names. If virtual is true, group principals will be created using this array. If virtual is false and groups is non-null, it will be used to filter the groups returned by the configured UserStoreProvider.
      subject - An optional Subject to receive principals and credentials for the logged in user. If provided, it will be returned as the return value; if not, a new Subject will be returned.
      virtual - If true, simply create a subject with the given user and group names. If false, configured UserStoreProvider will be queried for the given username and a Subject created only if the user exists. Groups will be populated with the intersection of the groups parameter and the groups returned by the UserStoreProvider.
      Returns:
      A Subject representing the impersonated user.
      Throws:
      LoginException