|
IBM WebSphereTM eXtreme Scale, Release 8.6 API Specification |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.ibm.websphere.objectgrid.security.plugins.builtins.WSTokenCredentialGenerator
public class WSTokenCredentialGenerator
This class represents a credential generator when running in WebSphere Application Server.
When the getCredential()
method is called, the Subject
associated with the current thread is retrieved. The security information in
this Subject object is converted into a WSTokenCredential
. This
credential object has enough information for the receiving side to rebuild
the security context.
This scenario takes advantage of the fact that the ObjectGrid client has already been authenticated. Since application servers housing ObjectGrid servers are in the same security domain as the application servers housing the ObjectGrid clients, the security tokens can be propagated from the ObjectGrid client to the ObjectGrid server so there is no need to re-authenticate to the same user registry.
Users can specify whether to retrieve a runAs subject or a caller subject
from the thread by using the RUN_AS_SUBJECT
or
CALLER_SUBJECT
constant.
WSTokenCredentialGenerator has a one to many relationship with WSTokenCredential because it can generate different WSTokenCredential objects based on what Subject is associated with the current thread.
WSTokenCredential
Field Summary | |
---|---|
static int |
CALLER_SUBJECT
A constant representing the caller Subject type |
static String |
CALLER_SUBJECT_STRING
A constant representing the caller Subject type |
static int |
RUN_AS_SUBJECT
A constant representing the runAs Subject type |
static String |
RUN_AS_SUBJECT_STRING
A constant representing the runAs Subject type |
Constructor Summary | |
---|---|
WSTokenCredentialGenerator()
Creates a new WSTokenCredentialGenerator with a default runAs subject type. |
|
WSTokenCredentialGenerator(int aType)
Creates a new WSTokenCredentialGenerator with the specified subject type. |
Method Summary | |
---|---|
Credential |
getCredential()
Creates a new WSTokenCredential object using this
object's using the security information from the Subject
associated with the current thread. |
int |
getType()
Gets the subject type. |
void |
setProperties(String properties)
Sets additional properties namely the subject type. |
void |
setType(int aType)
Sets the subject type, either RUN_AS_SUBJECT or
CALLER_SUBJECT . |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final int RUN_AS_SUBJECT
public static final int CALLER_SUBJECT
public static final String RUN_AS_SUBJECT_STRING
public static final String CALLER_SUBJECT_STRING
Constructor Detail |
---|
public WSTokenCredentialGenerator()
RUN_AS_SUBJECT
,
setProperties(String)
,
setType(int)
public WSTokenCredentialGenerator(int aType)
A valid subject type is either RUN_AS_SUBJECT
or
CALLER_SUBJECT
.
aType
- either RUN_AS_SUBJECT
or
CALLER_SUBJECT
IllegalArgumentException
- if the specified type is invalidCALLER_SUBJECT
,
RUN_AS_SUBJECT
Method Detail |
---|
public Credential getCredential() throws CannotGenerateCredentialException
WSTokenCredential
object using this
object's using the security information from the Subject
associated with the current thread.
getCredential
in interface CredentialGenerator
WSTokenCredential
instance
CannotGenerateCredentialException
- if an error occurs during
retrieval of the Subject's security information, see the cause
by exception for more informationCredentialGenerator.getCredential()
,
WSTokenCredential
public int getType()
setType(int)
method, the value from the
argument passed to the setProperties
method, or the default value of RUN_AS_SUBJECT
if the default constructor is usedRUN_AS_SUBJECT
,
setProperties(String)
,
setType(int)
public void setType(int aType)
RUN_AS_SUBJECT
or
CALLER_SUBJECT
.
aType
- the subject type
IllegalArgumentException
- if the specified type is invalidpublic void setProperties(String properties)
setProperties
in interface CredentialGenerator
properties
- the property should be either
RUN_AS_SUBJECT_STRING
or CALLER_SUBJECT_STRING
IllegalArgumentException
- if properties is not one of the expected
valuesCALLER_SUBJECT_STRING
,
RUN_AS_SUBJECT_STRING
|
IBM WebSphereTM eXtreme Scale, Release 8.6 API Specification |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |