Java Reference
In-Depth Information
Implementing the ServerAuthModule interface
The ServerAuthModule interfacecontainsfivemethodsthatmustbeimplemented
by the authentication module. These methods are the following:
initialize() : This method is used to initialize the module and retrieve ob-
jects necessary for the validation of access to resources.
getSupportedMessageTypes() : This method returns an array of objects
designating message types supported by the module. For example, for a
module that will be compatible with a Servlet Container profile, the returned
array will contain the HttpServletRequest.class and HttpSer-
vletResponse.class objects.
validateRequest() : This method is called by the container whenever an
HttpServletRequest isreceivedforprocessingoftheincomingmessage.
For this purpose, it receives from the container HttpServletRequest and
HttpServletResponse objects in the MessageInfo parameter. At the
end of request processing, this method must return a status that determines
the sequence of operations in the container.
secureResponse() : This method is called by the container at the time
of returning a response to a client. Very often, it should return the status
cleanSubject() : This method is used to remove one or several principles
of a subject argument.
The following code provides an example implementation of the ServerAuthMod-
ule interface methods:
public class ServerAuthModuleImpl implements
ServerAuthModule {
private MessagePolicy requestPolicy;
private CallbackHandler handler;
public void initialize(MessagePolicy
requestPolicy, MessagePolicy responsePolicy,
CallbackHandler handler, Map options) throws
AuthException {
this.requestPolicy = requestPolicy;
Search WWH ::

Custom Search