org.codice.ddf.security.handler.api

Class BaseAuthenticationToken

java.lang.Object

org.codice.ddf.security.handler.api.BaseAuthenticationToken

All Implemented Interfaces:

Serializable, org.apache.shiro.authc.AuthenticationToken

Direct Known Subclasses:

BSTAuthenticationToken, SAMLAuthenticationToken

public class BaseAuthenticationToken
extends Object
implements org.apache.shiro.authc.AuthenticationToken

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static String	ALL_REALM
protected Object	credentials Represents the credentials submitted by the user during the authentication process that verifies the submitted Principal account identity.
static String	DEFAULT_REALM
protected Object	principal Represents the account identity submitted during the authentication process.
protected String	realm Represents the realm within which the principal and the credentials have meaning.

Constructor Summary

Constructors

Constructor and Description
BaseAuthenticationToken(Object principal, String realm, Object credentials)

Method Summary

Modifier and Type	Method and Description
Object	getCredentials()
String	getCredentialsAsXMLString() Returns the credentials as an XML string suitable for injecting into a STS request.
Object	getPrincipal()
String	getRealm()
boolean	isUseWssSts()
protected void	setCredentials(Object o)
void	setUseWssSts(boolean useWssSts)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_REALM

public static final String DEFAULT_REALM

See Also:

Constant Field Values

ALL_REALM

public static final String ALL_REALM

See Also:

Constant Field Values

principal

protected Object principal

Represents the account identity submitted during the authentication process.

Most application authentications are username/password based and have this object represent a username. However, this can also represent the DN from an X509 certificate, or any other unique identifier.

Ultimately, the object is application specific and can represent any account identity (user id, X.509 certificate, etc).

credentials

protected Object credentials

Represents the credentials submitted by the user during the authentication process that verifies the submitted Principal account identity.

Most application authentications are username/password based and have this object represent a submitted password.

Ultimately, the credentials Object is application specific and can represent any credential mechanism.

realm

protected String realm

Represents the realm within which the principal and the credentials have meaning. This information is encoded into the BST and is available for use on the processing side of the STS services.

Constructor Detail

BaseAuthenticationToken

public BaseAuthenticationToken(Object principal,
                               String realm,
                               Object credentials)

Method Detail

getPrincipal

public Object getPrincipal()

Specified by:

getPrincipal in interface org.apache.shiro.authc.AuthenticationToken

getCredentials

public Object getCredentials()

Specified by:

getCredentials in interface org.apache.shiro.authc.AuthenticationToken

setCredentials

protected void setCredentials(Object o)

isUseWssSts

public boolean isUseWssSts()

setUseWssSts

public void setUseWssSts(boolean useWssSts)

getRealm

public String getRealm()

getCredentialsAsXMLString

public String getCredentialsAsXMLString()

Returns the credentials as an XML string suitable for injecting into a STS request. This default behavior assumes that the credentials actually are stored in their XML representation. If a subclass stores them differently, it is up to them to override this method.

Returns:

String containing the XML representation of this token's credentials