All Known Implementing Classes:

DirectoryAuthModule, KerberosAuthModule, LdapAuthModule, OpenIDAuthModule, RemoteUserAuthModule, SingleUserAuthModule, SpnegoAuthModule, YamlAuthModule
```
public interface AuthModule
```
Interface implemented by the Authentication and Authorization modules. The AuthModule has to associate to each user AuthenticationInfo that may contain contextual security properties. Based on this AuthHandler will generate a JWT token which is passed between the client and the server with each request.

Method Summary

All Methods Instance Methods Abstract Methods Default Methods
Modifier and Type	Method	Description
`default void`	`authenticationSucceeded(AuthenticationInfo authenticationInfo)`	Hook that is called on all AuthModules when a login attempt was successful.
`AuthenticationInfo`	`getAuthenticationInfo(AuthenticationToken token)`	Identify the subject based on the given information.
`AuthorizationInfo`	`getAuthorizationInfo(AuthenticationInfo authenticationInfo)`	Retrieve access control information based on the given AuthenticationInfo.
`Spec`	`getSpec()`	Returns the valid configuration of the input args of this AuthModule.
`void`	`init(YConfiguration args)`	Initialize this AuthModule.
`boolean`	`verifyValidity(AuthenticationInfo authenticationInfo)`	Verify if previously generated authentication info is (still) valid.

- Method Detail
  - getSpec
```
Spec getSpec()
```
    Returns the valid configuration of the input args of this AuthModule.
    
    Returns:
    
    the argument specification.
  - init
```
void init(YConfiguration args)
   throws InitException
```
    Initialize this AuthModule.
    
    Parameters:
    
    args - The configured arguments for this AuthModule. If getSpec() is implemented then this contains the arguments after being validated (including any defaults).
    
    Throws:
    
    InitException - When something goes wrong during the execution of this method.
  - getAuthenticationInfo
```
AuthenticationInfo getAuthenticationInfo(AuthenticationToken token)
                                  throws AuthenticationException
```
    Identify the subject based on the given information.
    
    Parameters:
    
    token -
    
    Returns:
    
    an info object containing the principal of the subject, or null if the login failed
    
    Throws:
    
    AuthenticationException
  - authenticationSucceeded
```
default void authenticationSucceeded(AuthenticationInfo authenticationInfo)
```
    Hook that is called on all AuthModules when a login attempt was successful.
    An example use case is an LDAP AuthModule that queries for additional user information after a successful Kerberos login.
    The default implementation does nothing.
  - getAuthorizationInfo
```
AuthorizationInfo getAuthorizationInfo(AuthenticationInfo authenticationInfo)
                                throws AuthorizationException
```
    Retrieve access control information based on the given AuthenticationInfo. This AuthenticationInfo may have been generated by a different AuthModule.
    
    Returns:
    
    an info object containing role/privilege information of the subject
    
    Throws:
    
    AuthorizationException
  - verifyValidity
```
boolean verifyValidity(AuthenticationInfo authenticationInfo)
```
    Verify if previously generated authentication info is (still) valid. For example, if the authentication info references an externally issued expiring ticket, this can be validated here.
    This method is called very frequently, so implementations must take care to limit external requests.
    
    Parameters:
    
    authenticationInfo - information relevant to the authentication process
    
    Returns:
    
    true if the authentication info is valid, false otherwise

Interface AuthModule

Method Summary

Method Detail

getSpec

init

getAuthenticationInfo

authenticationSucceeded

getAuthorizationInfo

verifyValidity