Java Reference
In-Depth Information
Implementing the ServerAuthModule interface
The
ServerAuthModule
interfacecontainsfivemethodsthatmustbeimplemented
by the authentication module. These methods are the following:
•
initialize()
: This method is used to initialize the module and retrieve ob-
jects necessary for the validation of access to resources.
•
getSupportedMessageTypes()
: This method returns an array of objects
designating message types supported by the module. For example, for a
module that will be compatible with a Servlet Container profile, the returned
array will contain the
HttpServletRequest.class
and
HttpSer-
vletResponse.class
objects.
•
validateRequest()
: This method is called by the container whenever an
HttpServletRequest
isreceivedforprocessingoftheincomingmessage.
For this purpose, it receives from the container
HttpServletRequest
and
HttpServletResponse
objects in the
MessageInfo
parameter. At the
end of request processing, this method must return a status that determines
the sequence of operations in the container.
•
secureResponse()
: This method is called by the container at the time
of returning a response to a client. Very often, it should return the status
SEND_SUCCESS
.
•
cleanSubject()
: This method is used to remove one or several principles
of a subject argument.
The following code provides an example implementation of the
ServerAuthMod-
ule
interface methods:
public class ServerAuthModuleImpl implements
ServerAuthModule {
private MessagePolicy requestPolicy;
private CallbackHandler handler;
public void initialize(MessagePolicy
requestPolicy, MessagePolicy responsePolicy,
CallbackHandler handler, Map options) throws
AuthException {
this.requestPolicy = requestPolicy;
