AuthenticationServiceImpl (Nitido NiM 2.5 Java API (v2.5.10))

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.nitido.nimx.services.authentication.directory
Class AuthenticationServiceImpl

java.lang.Object
  com.nitido.nim.NiMKernelService
      com.nitido.nim.AuthenticationService
          com.nitido.nimx.services.authentication.directory.AuthenticationServiceImpl

All Implemented Interfaces:: CredentialConstants, NiMConstants

public class AuthenticationServiceImpl
extends AuthenticationService
implements CredentialConstants
extends AuthenticationService
implements CredentialConstants

This class provides a directory implementation for the NiM Authentication Service. That is, entity credentials are authenticated against a directory server. This implementation uses the JNDI implementation of Nitido Eximius Directory library. Currently, it does not supports any connection pool.

Field Summary
`static java.lang.String`	`AT_DN` Attribute name for the entity's distinguish name.
`static java.lang.String`	`CONF_KEY_DM_DN` Configuration key for the DN of the Directory Manager.
`static java.lang.String`	`CONF_KEY_DM_PWD` Configuration key for the Directory Manager's password.
`static java.lang.String`	`CONF_KEY_HOST` Configuration key for the directory host name.
`static java.lang.String`	`CONF_KEY_PORT` Configuration key for the directory port name.
`static java.lang.String`	`CONF_KEY_PREFIX_CREDMAP` Configuration key prefix for the credential map conversion settings.
`static java.lang.String`	`CONF_KEY_PWDNAME` Configuration key for the authentication password.

Fields inherited from interface com.nitido.nim.CredentialConstants
`CRED_ADMIN, CRED_CONTAINER, CRED_HELPDESK, CRED_SYSTEM, CRED_USER, KEY_PASSWORD`

Fields inherited from interface com.nitido.nim.NiMConstants
ACTION_CREATE_NUGGET, ACTION_CREATE_NUGGET_BY_NAME, ACTION_CRED_SPACE_ADD, ACTION_CRED_SPACE_GET_KEYS, ACTION_CRED_SPACE_GET_KEYS_START_WITH, ACTION_CRED_SPACE_GET_VALUE, ACTION_CRED_SPACE_GET_VALUES, ACTION_CRED_SPACE_MODIFY, ACTION_CRED_SPACE_REMOVE_VALUE, ACTION_CRED_SPACE_REMOVE_VALUES, ACTION_CRED_SPACE_REPLACE, ACTION_DEPROVISION_ENTITY, ACTION_ENTITY_CHANGE_CRED, ACTION_LOG_EVENT, ACTION_PROVISION_ENTITY, ACTION_USER_SPACE_ADD, ACTION_USER_SPACE_GET_KEYS, ACTION_USER_SPACE_GET_KEYS_START_WITH, ACTION_USER_SPACE_GET_VALUE, ACTION_USER_SPACE_GET_VALUES, ACTION_USER_SPACE_MODIFY, ACTION_USER_SPACE_REMOVE_VALUE, ACTION_USER_SPACE_REMOVE_VALUES, ACTION_USER_SPACE_REPLACE, CONF_PREFIX_SECURITY_ACCESS, CONF_PREFIX_SECURITY_ALLOW, CONF_PREFIX_SECURITY_ASSIGN, CONF_PREFIX_SECURITY_RESOURCE, PARAM_CHANGE_CRED, PARAM_DEPROVISION_CREDENTIAL, PARAM_EVENT_NAME, PARAM_MODIFIER_CONTAINER, PARAM_NUGGET_CREATE_CRED, PARAM_NUGGET_NAME, PARAM_NUGGET_SETTINGS, PARAM_NUGGET_TYPE, PARAM_PROVISION_DESCRIPTOR, PARAM_SPACE_KEY, PARAM_SPACE_KEYS_START_WITH, PARAM_SPACE_VALUE, PREFIX_ACCESS_CLASS_IN_PACKAGE

Fields inherited from interface com.nitido.nim.NiMConstants

ACTION_CREATE_NUGGET, ACTION_CREATE_NUGGET_BY_NAME, ACTION_CRED_SPACE_ADD, ACTION_CRED_SPACE_GET_KEYS, ACTION_CRED_SPACE_GET_KEYS_START_WITH, ACTION_CRED_SPACE_GET_VALUE, ACTION_CRED_SPACE_GET_VALUES, ACTION_CRED_SPACE_MODIFY, ACTION_CRED_SPACE_REMOVE_VALUE, ACTION_CRED_SPACE_REMOVE_VALUES, ACTION_CRED_SPACE_REPLACE, ACTION_DEPROVISION_ENTITY, ACTION_ENTITY_CHANGE_CRED, ACTION_LOG_EVENT, ACTION_PROVISION_ENTITY, ACTION_USER_SPACE_ADD, ACTION_USER_SPACE_GET_KEYS, ACTION_USER_SPACE_GET_KEYS_START_WITH, ACTION_USER_SPACE_GET_VALUE, ACTION_USER_SPACE_GET_VALUES, ACTION_USER_SPACE_MODIFY, ACTION_USER_SPACE_REMOVE_VALUE, ACTION_USER_SPACE_REMOVE_VALUES, ACTION_USER_SPACE_REPLACE, CONF_PREFIX_SECURITY_ACCESS, CONF_PREFIX_SECURITY_ALLOW, CONF_PREFIX_SECURITY_ASSIGN, CONF_PREFIX_SECURITY_RESOURCE, PARAM_CHANGE_CRED, PARAM_DEPROVISION_CREDENTIAL, PARAM_EVENT_NAME, PARAM_MODIFIER_CONTAINER, PARAM_NUGGET_CREATE_CRED, PARAM_NUGGET_NAME, PARAM_NUGGET_SETTINGS, PARAM_NUGGET_TYPE, PARAM_PROVISION_DESCRIPTOR, PARAM_SPACE_KEY, PARAM_SPACE_KEYS_START_WITH, PARAM_SPACE_VALUE, PREFIX_ACCESS_CLASS_IN_PACKAGE

Constructor Summary
`AuthenticationServiceImpl(NiMKernelServiceVisa visa)` This class constructor is used by NiMKernel to instantiate a new directory AuthenticationService.

Method Summary
`protected Credential`	`authenticateImpl(Credential cred)` This method is used to authenticate the given credential against a directory server.
`void`	`changeAuthenticationCredential(Credential oldCred, Credential newCred)` This method is used to change the identifying credentials on an entity.
`protected void`	`init(NiMKernel kernel, ConfigurationService confService)` This method is called by the NiMKernel to initialize the authentication service.

Methods inherited from class com.nitido.nim.AuthenticationService
`authenticate`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

CONF_KEY_HOST

public static final java.lang.String CONF_KEY_HOST

Configuration key for the directory host name.

See Also:: Constant Field Values

CONF_KEY_PORT

public static final java.lang.String CONF_KEY_PORT

Configuration key for the directory port name.

See Also:: Constant Field Values

CONF_KEY_PWDNAME

public static final java.lang.String CONF_KEY_PWDNAME

Configuration key for the authentication password.

See Also:: Constant Field Values

CONF_KEY_DM_DN

public static final java.lang.String CONF_KEY_DM_DN

Configuration key for the DN of the Directory Manager.

See Also:: Constant Field Values

CONF_KEY_DM_PWD

public static final java.lang.String CONF_KEY_DM_PWD

Configuration key for the Directory Manager's password.

See Also:: Constant Field Values

CONF_KEY_PREFIX_CREDMAP

public static final java.lang.String CONF_KEY_PREFIX_CREDMAP

Configuration key prefix for the credential map conversion settings.

See Also:: Constant Field Values

AT_DN

public static final java.lang.String AT_DN

Attribute name for the entity's distinguish name.

See Also:: Constant Field Values

Constructor Detail

AuthenticationServiceImpl

public AuthenticationServiceImpl(NiMKernelServiceVisa visa)

This class constructor is used by NiMKernel to instantiate a new directory AuthenticationService.

Parameters:: visa - Reference to the NiMKernelServiceVisa object required to instantiate the service. This parameter is required to ensure that only the NiMkernel can instantiate a reference to this service.

Method Detail

init

protected void init(NiMKernel kernel,
                    ConfigurationService confService)
             throws InitializationFailedException,
                    NiMException

This method is called by the NiMKernel to initialize the authentication service.

Specified by:: init in class AuthenticationService

Parameters:

kernel - Reference to the Kernel that instantiated and initialized this service.

confService - Reference to the ConfigurationService. The ConfigurationService must provide all of the following settings in order to initialize this service successfully.

com.nitido.nimx.services.authentication.directory.host - Directory host name (CONF_KEY_HOST)
com.nitido.nimx.services.authentication.directory.port - Directory port number (CONF_KEY_PORT)
com.nitido.nimx.services.authentication.directory.pwdname - Password's attribute name (CONF_KEY_PWDNAME)

Throws:

InitializationFailedException - If unable to initialize the kernel service.

NiMException - If service initialization can not be done due to failure in establish a connection to the back-end service.

authenticateImpl

protected Credential authenticateImpl(Credential cred)
                               throws AuthenticationFailedException,
                                      IllegalCredentialException,
                                      NiMException

This method is used to authenticate the given credential against a directory server. This method retrieves the following settings from the configuration service:

The distinguish name prefix for the entity type being authenticated.
The distinguish name postfix for the entity type being authenticated.
The name of the token key in the credential object that holds the entity's authentication password.

Specified by:: authenticateImpl in class AuthenticationService

Parameters:: cred - The credential to authenticate against the directory
Returns:: The Entity's authenticated Credential. NOTE: even if the credential tokens are not changed during the authentication process, this method should always return a clone of the original Credential. It should never return the original credential.
Throws:: IllegalCredentialException - If the credential is invalid or the configuration settings do not support the given entity type.; AuthenticationFailedException - If unable to authenticate the given credential because of incorrect user id/password combination.; NiMException - If unable to establish connection to the directory server.

changeAuthenticationCredential

public void changeAuthenticationCredential(Credential oldCred,
                                           Credential newCred)
                                    throws AuthenticationFailedException,
                                           IllegalCredentialException,
                                           NiMException

Description copied from class: AuthenticationService

This method is used to change the identifying credentials on an entity.

Specified by:: changeAuthenticationCredential in class AuthenticationService

Parameters:: oldCred - The original credential; newCred - The new credential
Throws:: AuthenticationFailedException - If unable to authenticate the given credential; IllegalCredentialException - If the credential is invalid or belongs to a type that is not supported by this AuthenticationService.; NiMException - If the kernel service fails to connect to back-end authentication system.