blob: 44745dafeb7c9151912c53d85207d464402cad0c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
package com.c2kernel.process.auth;
import com.c2kernel.common.InvalidDataException;
import com.c2kernel.common.ObjectNotFoundException;
/**
* This interface is used by the kernel to store an authenticated connection
* and/or token that will be used by kernel components. The CRISTAL property
* 'Authenticator' is used to specify the implementation used. It is
* instantiated by the connect() methods of the Gateway, and will be found in
* the AgentProxy returned by connect(). Lookup and ClusterStorage instances are
* initialized with this Authenticator, which is expected to maintain the same
* user's connection through the process lifetime, reconnecting if the
* connection is lost.
*
* @since 3.0
*
*/
public interface Authenticator {
/**
* Authenticates a CRISTAL agent. If this method returns true, then the
* connect method will create and return an AgentProxy for the given
* username using the Lookup and ProxyManager.
*
* @param agentName
* The username of the Agent to be authenticated. This must be
* already present as an Agent in the CRISTAL directory.
* @param password
* The Agent's password
* @param resource
* The authentication resource/domain/realm of the agent.
* Included so that domains may include CRISTAL users from
* different realms. This parameter is passed into the connect()
* method if required. May be null.
* @return a boolean indicating if the authentication was successful. If so,
* then the Gateway will generate an AgentProxy for the given user.
* @throws ObjectNotFoundException
* When the Agent doesn't exist
* @throws InvalidDataException
* When authentication fails for another reason
*/
public boolean authenticate(String agentName, String password,
String resource) throws InvalidDataException,
ObjectNotFoundException;
/**
* Authenticates a superuser connection for the server. It must be able to
* act on behalf of any other Agent, as the server needs to do this.
* Credentials may be in the CRISTAL properties, or some other mechanism.
*
* @param resource
* @return
* @throws InvalidDataException
* @throws ObjectNotFoundException
*/
public boolean authenticate(String resource) throws InvalidDataException,
ObjectNotFoundException;
/**
* Lookup and storage implementations that need to use user or superuser
* authentication can retrieve it using this method. This will be highly
* implementation specific.
*
* @return the connection/token created during authentication
*/
public Object getAuthObject();
/**
* Close or expire the connection as the CRISTAL process shuts down.
*/
public void disconnect();
}
|
