|
xmlBlaster 2.2.0 API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.xmlBlaster.authentication.plugins.ldap.Session
public class Session
This implements the session AND the subject interface in the same class.
LdapGateway
Field Summary | |
---|---|
protected boolean |
authenticated
|
protected LdapGateway |
ldap
|
private static java.util.logging.Logger |
log
|
protected java.lang.String |
loginName
|
private static java.lang.String |
ME
|
protected Manager |
secMgr
|
protected java.lang.String |
sessionId
|
Constructor Summary | |
---|---|
Session(Manager sm,
java.lang.String sessionId)
|
Method Summary | |
---|---|
void |
changeSecretSessionId(java.lang.String sessionId)
The current implementation of the user session handling (especially Authenticate.connect(org.xmlBlaster.engine.qos.ConnectQosServer, String) )
cannot provide a real sessionId when this object is created. |
MsgUnitRaw |
exportMessage(CryptDataHolder dataHolder)
Encrypt, sign, seal an outgoing message. |
I_Manager |
getManager()
How controls this session? |
java.lang.String |
getName()
Get the subjects login-name. |
java.lang.String |
getSecretSessionId()
Return the id of this session. |
I_Subject |
getSubject()
Get the owner of this session. |
MsgUnitRaw |
importMessage(CryptDataHolder dataHolder)
Decrypt, check, unseal etc an incomming message. |
ConnectQosServer |
init(ConnectQosServer connectQos,
java.util.Map map)
Initialize the session with useful information. |
java.lang.String |
init(I_SecurityQos securityQos)
Initialize a new session and do the credential check. |
java.lang.String |
interceptExeptionByAuthorizer(java.lang.Throwable throwable,
SessionHolder sessionHolder,
DataHolder dataHolder)
If an exception occurrs after successful authorization the security framework has the chance to suppress the exception by returning a return QOS |
boolean |
isAuthorized(SessionHolder sessionHolder,
DataHolder dataHolder)
Check if this subject instance is permitted to do something |
boolean |
verify(I_SecurityQos securityQos)
Allows to check the given securityQos again. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private static final java.lang.String ME
protected final Manager secMgr
private static java.util.logging.Logger log
protected java.lang.String sessionId
protected boolean authenticated
protected final LdapGateway ldap
protected java.lang.String loginName
Constructor Detail |
---|
public Session(Manager sm, java.lang.String sessionId) throws XmlBlasterException
XmlBlasterException
Method Detail |
---|
public ConnectQosServer init(ConnectQosServer connectQos, java.util.Map map) throws XmlBlasterException
I_Session
Is called before I_Session.init(I_SecurityQos)
which does the authentication
init
in interface I_Session
connectQos
- The current login informationmap
- Additional information, is currently null
XmlBlasterException
I_Session.init(ConnectQosServer, Map)
public java.lang.String init(I_SecurityQos securityQos) throws XmlBlasterException
I_Session
init
in interface I_Session
XmlBlasterException
- The initialization failed (key exchange, authentication ... failed)#init(String)
public boolean verify(I_SecurityQos securityQos)
I_Session
Note:
verify
in interface I_Session
I_Session.verify(I_SecurityQos)
public java.lang.String getName()
I_Subject
getName
in interface I_Subject
public boolean isAuthorized(SessionHolder sessionHolder, DataHolder dataHolder)
I_Session
isAuthorized
in interface I_Session
sessionHolder
- Holding information about the subject which requires rightsdataHolder
- Holding information about the data which shall be accessed
EXAMPLE:
isAuthorized("publish", "thisIsAMessageKey");
The above line checks if this subject is permitted to >>publish<<
a message under the key >>thisIsAMessageKey<<
Known action keys:
publish, subscribe, get, erase, ...public void changeSecretSessionId(java.lang.String sessionId) throws XmlBlasterException
I_Session
Authenticate.connect(org.xmlBlaster.engine.qos.ConnectQosServer, String)
)
cannot provide a real sessionId when this object is created. Thus, it
uses a temporary id first and changes it to the real in a later step.The purpose of this method is to enable this functionality.
changeSecretSessionId
in interface I_Session
XmlBlasterException
- Thrown if the new sessionId is already in use.public java.lang.String getSecretSessionId()
I_Session
getSecretSessionId
in interface I_Session
public I_Subject getSubject()
I_Session
getSubject
in interface I_Session
public I_Manager getManager()
I_Session
getManager
in interface I_Session
public MsgUnitRaw importMessage(CryptDataHolder dataHolder) throws XmlBlasterException
I_MsgSecurityInterceptor
importMessage
in interface I_MsgSecurityInterceptor
dataHolder
- A container holding the MsgUnitRaw and some additional informations
XmlBlasterException
- Thrown i.e. if the message has been modifiedI_MsgSecurityInterceptor.exportMessage(CryptDataHolder)
public MsgUnitRaw exportMessage(CryptDataHolder dataHolder) throws XmlBlasterException
I_MsgSecurityInterceptor
exportMessage
in interface I_MsgSecurityInterceptor
dataHolder
- A container holding the MsgUnitRaw and some additional informations
XmlBlasterException
- Thrown if the message cannot be processedI_MsgSecurityInterceptor.importMessage(CryptDataHolder)
public java.lang.String interceptExeptionByAuthorizer(java.lang.Throwable throwable, SessionHolder sessionHolder, DataHolder dataHolder)
I_Session
A dummy implementation should always return null!
A dead message can be produced like this:
SessionInfo sessionInfo = sessionHolder.getSessionInfo(); try { return sessionInfo.getMsgErrorHandler().handleErrorSync(new MsgErrorInfo(glob, sessionInfo.getSessionName(), dataHolder.getMsgUnit(), throwable)); } catch (XmlBlasterException e) { e.printStackTrace(); return null; }
interceptExeptionByAuthorizer
in interface I_Session
|
xmlBlaster 2.2.0 API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |