The authenticator is a locality-constrained initial object reference that can be obtained from the ORB using orb.resolve_initial_references("Authenticator"). It contains one method, authenticate, that takes an AuthenticationScheme, realm name, principal name, and passphrase, and returns an AuthenticatedPrincipal.

    package com.sssw.jbroker.api.security;

    import java.rmi.RemoteException;

    public interface Authenticator extends org.omg.CORBA.Object
    {
        public AuthenticatedPrincipal authenticate(AuthenticationScheme scheme,
            String realm, String principalName, byte[] passphrase)
            throws SecurityException, RemoteException;
    }

The authenticator communicates with a remote Authenticator object running inside the ORB daemon using private interfaces. The remote authenticator is responsible for activating the realms and delegating the authentication requests to them.
The scope of the AuthenticatedPrincipal is a trust domain. A trust domain is one or more ORB installations that have the same trust domain id. The trust domain id is an arbitrarily large string specified by the ORBTrustDomainId property in the security.properties file under the lib directory.
Two authentication schemes are supported: BASIC and DIGEST. These are as defined in the HTTP 1.1 specification.

    package com.sssw.jbroker.api.security;

    public class AuthenticationScheme
    {
        public static AuthenticationScheme BASIC  = new AuthenticationScheme();
        public static AuthenticationScheme DIGEST = new AuthenticationScheme();

        private AuthenticationScheme() {}
    }

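To make the difference between the two schemes concrete, the following added example (not jBroker code, and not part of the original page) computes what BASIC and DIGEST derive from a realm, principal name, and passphrase under the HTTP definitions in RFC 2617. The class and method names are illustrative, the method, URI, and nonce inputs are HTTP-specific, and it is an assumption that these formulas apply unchanged to the ORB's private exchange, which the page does not document.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

// Added illustration of the two HTTP schemes (RFC 2617); not jBroker code.
public class HttpAuthSchemes {

    // BASIC: base64("principal:passphrase"). Encoding only, trivially reversible.
    static String basic(String principalName, byte[] passphrase) {
        byte[] user = (principalName + ":").getBytes(StandardCharsets.ISO_8859_1);
        byte[] token = new byte[user.length + passphrase.length];
        System.arraycopy(user, 0, token, 0, user.length);
        System.arraycopy(passphrase, 0, token, user.length, passphrase.length);
        return Base64.getEncoder().encodeToString(token);
    }

    // DIGEST (qop=auth): MD5(HA1:nonce:nc:cnonce:qop:HA2); the passphrase is never sent.
    static String digest(String realm, String principalName, byte[] passphrase,
                         String method, String uri, String nonce, String nc, String cnonce)
            throws NoSuchAlgorithmException {
        String ha1 = md5Hex(principalName + ":" + realm + ":"
                + new String(passphrase, StandardCharsets.ISO_8859_1));
        String ha2 = md5Hex(method + ":" + uri);
        return md5Hex(ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":auth:" + ha2);
    }

    static String md5Hex(String s) throws NoSuchAlgorithmException {
        byte[] d = MessageDigest.getInstance("MD5")
                .digest(s.getBytes(StandardCharsets.ISO_8859_1));
        StringBuilder sb = new StringBuilder();
        for (byte b : d) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed inputs: the sample credentials used in RFC 2617.
        byte[] pw = "Circle Of Life".getBytes(StandardCharsets.ISO_8859_1);
        String b = basic("Mufasa", pw);
        System.out.println("BASIC  token:    " + b);
        System.out.println("BASIC  decoded:  "
                + new String(Base64.getDecoder().decode(b), StandardCharsets.ISO_8859_1));
        System.out.println("DIGEST response: " + digest("testrealm@host.com", "Mufasa", pw,
                "GET", "/dir/index.html", "dcd98b7102dd2f0e8b11d0f600bfb0c093",
                "00000001", "0a4f113b"));
    }
}
```

The BASIC token decodes straight back to the passphrase, so it is only as confidential as the channel that carries it. The DIGEST response is a one-way hash bound to the server nonce, which keeps the passphrase itself off the wire.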
An AuthenticatedPrincipal represents an authenticated principal. It can be used on the SecurityCurrent interface to set the identity of the current thread, or for all threads that use the ORB instance.

    package com.sssw.jbroker.api.security;

    import java.io.Serializable;
    import java.security.Principal;

    public interface AuthenticatedPrincipal extends Serializable
    {
        Principal getPrincipal();
    }

AuthenticatedPrincipal objects are serializable, so you can keep them around and use them later.
Copyright © 2003, 2004 Novell, Inc. All rights reserved. Copyright © 2001, 2002, 2003 SilverStream Software, LLC. All rights reserved.