Package com.netscape.cms.authentication
Class AgentCertAuthentication
java.lang.Object
org.dogtagpki.server.authentication.AuthManager
com.netscape.cms.authentication.AgentCertAuthentication
Certificate server agent authentication.
Maps a SSL client authenticate certificate to a user (agent) entry in the
internal database.
- Version:
- $Revision$, $Date$
-
Field Summary
FieldsFields inherited from class org.dogtagpki.server.authentication.AuthManager
AUTHENTICATED_NAME, authenticationConfig, CRED_CERT_SERIAL_TO_REVOKE, CRED_CMC_SELF_SIGNED, CRED_CMC_SIGNING_CERT, CRED_HOST_NAME, CRED_SESSION_ID, CRED_SSL_CLIENT_CERT, engine, mConfig, mConfigParams, mImplName, mName
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionauthenticate
(AuthCredentials authCred) authenticates user(agent) by certificateRetrieves the localizable name of this policy.String[]
get the list of authentication credential attribute names required by this authentication manager.Retrieves the localizable description of this policy.getValueDescriptor
(Locale locale, String name) Retrieves the descriptor of the given value parameter by name.Retrieves a list of names of the value parameter.void
init
(ConfigStore config) Initializes this default policy.void
init
(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config) initializes the CertUserDBAuthentication auth managerboolean
Checks if this authenticator requires SSL client authentication.boolean
isValueWriteable
(String name) Checks if the value of the given property should be serializable into the request.void
Populates authentication specific information into the request for auditing purposes.void
shutdown()
prepare this authentication manager for shutdown.Methods inherited from class org.dogtagpki.server.authentication.AuthManager
getAuthenticationConfig, getCMSEngine, getConfigParams, getConfigStore, getImplName, getName, setAuthenticationConfig, setCMSEngine
-
Field Details
-
logger
public static org.slf4j.Logger logger -
CRED_CERT
- See Also:
-
mRequiredCreds
-
-
Constructor Details
-
AgentCertAuthentication
public AgentCertAuthentication()
-
-
Method Details
-
init
public void init(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config) throws EBaseException initializes the CertUserDBAuthentication auth managercalled by AuthSubsystem init() method, when initializing all available authentication managers.
- Specified by:
init
in classAuthManager
- Parameters:
name
- The name of this authentication manager instance.implName
- The name of the authentication manager plugin.config
- The configuration store for this authentication manager.- Throws:
EBaseException
- If an initialization error occurred.
-
isSSLClientRequired
public boolean isSSLClientRequired()Description copied from class:AuthManager
Checks if this authenticator requires SSL client authentication.- Specified by:
isSSLClientRequired
in classAuthManager
- Returns:
- client authentication required or not
-
authenticate
public AuthToken authenticate(AuthCredentials authCred) throws EMissingCredential, EInvalidCredentials, EBaseException authenticates user(agent) by certificatecalled by other subsystems or their servlets to authenticate users (agents)
- Specified by:
authenticate
in classAuthManager
- Parameters:
authCred
- - authentication credential that contains an usrgrp.Certificates of the user (agent)- Returns:
- the authentication token that contains the following
- Throws:
EMissingCredential
- If a required credential for this authentication manager is missing.EInvalidCredentials
- If credentials cannot be authenticated.EBaseException
- If an internal error occurred.- See Also:
-
getRequiredCreds
get the list of authentication credential attribute names required by this authentication manager. Generally used by the servlets that handle agent operations to authenticate its users. It calls this method to know which are the required credentials from the user (e.g. Javascript form data)- Specified by:
getRequiredCreds
in classAuthManager
- Returns:
- attribute names in Vector
-
shutdown
public void shutdown()prepare this authentication manager for shutdown.- Specified by:
shutdown
in classAuthManager
-
init
Description copied from class:AuthManager
Initializes this default policy.- Specified by:
init
in classAuthManager
- Parameters:
config
- configuration store- Throws:
EProfileException
- failed to initialize
-
getName
Retrieves the localizable name of this policy.- Overrides:
getName
in classAuthManager
- Parameters:
locale
- end user locale- Returns:
- localized authenticator name
-
getText
Retrieves the localizable description of this policy.- Specified by:
getText
in classAuthManager
- Parameters:
locale
- end user locale- Returns:
- localized authenticator description
-
getValueNames
Retrieves a list of names of the value parameter.- Specified by:
getValueNames
in classAuthManager
- Returns:
- a list of property names
-
isValueWriteable
Description copied from class:AuthManager
Checks if the value of the given property should be serializable into the request. Passsword or other security-related value may not be desirable for storage.- Specified by:
isValueWriteable
in classAuthManager
- Parameters:
name
- property name- Returns:
- true if the property is not security related
-
getValueDescriptor
Retrieves the descriptor of the given value parameter by name.- Specified by:
getValueDescriptor
in classAuthManager
- Parameters:
locale
- user localename
- property name- Returns:
- descriptor of the requested property
-
populate
Description copied from class:AuthManager
Populates authentication specific information into the request for auditing purposes.- Specified by:
populate
in classAuthManager
- Parameters:
token
- authentication tokenrequest
- request- Throws:
EProfileException
- failed to populate
-