Authenticator

The authenticator is a locality-constrained initial object reference that can be obtained from the ORB using orb.resolve_initial_references("Authenticator"). It contains one method, authenticate, that takes an AuthenticationScheme, a realm name, a principal name, and a passphrase, and returns an AuthenticatedPrincipal.

package com.sssw.jbroker.api.security;
 
import java.rmi.RemoteException;
 
public interface Authenticator extends org.omg.CORBA.Object
{
    public AuthenticatedPrincipal authenticate(AuthenticationScheme scheme,
        String realm, String principalName, byte[] passphrase)
        throws SecurityException, RemoteException;
}

The authenticator communicates with a remote Authenticator object running inside the ORB daemon using private interfaces. The remote authenticator is responsible for activating the realms and delegating the authentication requests to them.

The scope of the AuthenticatedPrincipal is a trust domain. The trust domain is one or more ORB installations that have the same trust domain id. The trust domain id is an arbitrarily large string specified by the ORBTrustDomainId property in the security.properties file under the lib directory.

AuthenticationScheme

Two authentication schemes are supported: BASIC and DIGEST. These are as defined in the HTTP 1.1 specification.

package com.sssw.jbroker.api.security;
 
public class AuthenticationScheme
{
    public static AuthenticationScheme BASIC  = new AuthenticationScheme();
    public static AuthenticationScheme DIGEST = new AuthenticationScheme();
 
    private AuthenticationScheme() {}
}

AuthenticatedPrincipal

An AuthenticatedPrincipal represents an authenticated Principal. It can be used on the SecurityCurrent interface to set the identity of the current thread or of all threads that use the ORB instance.

package com.sssw.jbroker.api.security;

import java.io.Serializable;  
import java.security.Principal;

public interface AuthenticatedPrincipal extends Serializable
{
    Principal getPrincipal();
}

AuthenticatedPrincipal objects are serializable, so you can keep them around and use them later.
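
The client code below is an added example, not part of the original documentation or the jBroker distribution; it ties the three types above together and wipes the passphrase after use. It assumes the jBroker ORB classes are on the classpath, that the locality-constrained reference can be cast directly, and that the realm expects the passphrase as UTF-8 bytes; the class name, "exampleRealm" and "alice" are hypothetical values.

```java
import java.io.ByteArrayOutputStream;
import java.io.Console;
import java.io.ObjectOutputStream;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

import org.omg.CORBA.ORB;
import com.sssw.jbroker.api.security.AuthenticatedPrincipal;
import com.sssw.jbroker.api.security.AuthenticationScheme;
import com.sssw.jbroker.api.security.Authenticator;

public class AuthenticateExample {                       // hypothetical class name
    public static void main(String[] args) throws Exception {
        ORB orb = ORB.init(args, null);
        // Assumption: the locality-constrained reference can be cast directly.
        Authenticator authenticator =
            (Authenticator) orb.resolve_initial_references("Authenticator");

        // Read the secret as char[] so it never becomes an immutable String.
        Console console = System.console();
        char[] typed = (console == null) ? null : console.readPassword("Passphrase: ");
        if (typed == null) throw new IllegalStateException("no passphrase available");
        // Assumption: the realm expects the passphrase as UTF-8 bytes.
        ByteBuffer encoded = StandardCharsets.UTF_8.encode(CharBuffer.wrap(typed));
        byte[] passphrase = new byte[encoded.remaining()];
        encoded.get(passphrase);

        AuthenticatedPrincipal principal;
        try {
            // The scheme comes first in the signature; realm and name are constructed values.
            principal = authenticator.authenticate(
                AuthenticationScheme.DIGEST, "exampleRealm", "alice", passphrase);
        } finally {
            // Wipe every copy of the secret whether or not authentication succeeded.
            Arrays.fill(typed, '\0');
            Arrays.fill(passphrase, (byte) 0);
            if (encoded.hasArray()) Arrays.fill(encoded.array(), (byte) 0);
        }
        System.out.println("Authenticated as " + principal.getPrincipal().getName());
        // The object is Serializable; its bytes stand for an authenticated
        // identity, so store them as you would a credential.
        ByteArrayOutputStream saved = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(saved)) {
            out.writeObject(principal);
        }
        System.out.println("Serialized form: " + saved.size() + " bytes");
    }
}
```

A failed authentication or transport error propagates out of main as the SecurityException or RemoteException declared on authenticate.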

Copyright © 1998-2003, Novell, Inc. All rights reserved.