org.yamcs.security (Yamcs :: Core 5.3.0 API)

Interface Summary
Interface	Description
AuthenticationToken	Tag interface that represent any kind of token submitted during login for identifying an application or user.
AuthModule	Interface implemented by the Authentication and Authorization modules.
ClearanceListener
PasswordHasher

Class Summary
Class	Description
Account	A `User` or an `ServiceAccount`
ApplicationCredentials	Credentials for identifying as an application, for example the singleton application that represents a service account.
AuthenticationInfo	Data holder for information related to a verified authentication attempt.
AuthorizationInfo	Collection of system and object privileges.
CryptoUtils
Directory	Stores user, group and application information in the Yamcs database.
DirectoryAuthModule	Identifies users and service accounts based on authentication information stored in the Yamcs `Directory`.
Group	A group is way to manage a set of users.
JaasConfiguration	Wrapper around the (weird) JAAS configuration API.
KerberosAuthModule	Does password-based login against a Kerberos host.
LdapAuthModule
ObjectPrivilege	An object privilege is the right to perform a particular action on an object.
ObjectPrivilegeType	Type qualifier for grouping object privileges.
OpenIDAuthModule	AuthModule that identifies users against an external identity provider compliant with OpenID Connect (OIDC).
OpenIDAuthModule.OpenIDAuthenticationInfo
PBKDF2PasswordHasher
RemoteUserAuthModule	AuthModule that identifies users based on an HTTP header property.
RemoteUserToken	A token that represents a username without any credentials, usually associated with remote user authentication on a reverse proxy.
Role	Collection of system and object privileges.
SecurityStore	Responsible for Identity and Access Management (IAM).
ServiceAccount	Represents an non-human service or application registered with Yamcs.
SingleUserAuthModule	An AuthModule that enforces a login of one fixed user account
SpnegoAuthModule	Implements SPNEGO authentication against an external Kerberos host.
SystemPrivilege	A system privilege is the right to perform a particular action or to perform an action on any object of a particular type.
ThirdPartyAuthorizationCode	Represents a token (or 'authorization_code' in oauth terms) issued by an external identity server.
User	A user contains identifying information and a convenient set of methods to perform access control.
UsernamePasswordToken	A password-based token, usually associated with BASIC AUTH requests (convenient through curl)
YamlAuthModule

Exception Summary
Exception	Description
AuthenticationException	Thrown when an `AuthModule` failed to perform the authentication process (backend not available, password does not match, ...).
AuthorizationException	Thrown when an `AuthModule` failed to perform the authorization process.

Package org.yamcs.security