Authentication (Moria Web Frontends 1.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

no.feide.moria.webservices.v2_2
Interface Authentication

All Superinterfaces:: java.rmi.Remote

All Known Implementing Classes:: AuthenticationImpl

public interface Authentication
extends java.rmi.Remote
extends java.rmi.Remote

Defines v2.1 of the Moria2 SOAP interface.

Method Summary
`Attribute[]`	`directNonInteractiveAuthentication(java.lang.String[] attributes, java.lang.String username, java.lang.String password)` Performs direct non-interactive authentication.
`java.lang.String`	`getProxyTicket(java.lang.String ticketGrantingTicket, java.lang.String proxyServicePrincipal)` Gets a proxy ticket.
`Attribute[]`	`getUserAttributes(java.lang.String serviceTicket)` Gets user attributes.
`java.lang.String`	`initiateAuthentication(java.lang.String[] attributes, java.lang.String returnURLPrefix, java.lang.String returnURLPostfix, boolean forceInteractiveAuthentication)` Initiates authentication.
`Attribute[]`	`proxyAuthentication(java.lang.String[] attributes, java.lang.String proxyTicket)` Performs proxy authentication.
`boolean`	`verifyUserExistence(java.lang.String username)` Verifies the existence of a given user in the underlying directories.

Method Detail

initiateAuthentication

java.lang.String initiateAuthentication(java.lang.String[] attributes,
                                        java.lang.String returnURLPrefix,
                                        java.lang.String returnURLPostfix,
                                        boolean forceInteractiveAuthentication)
                                        throws AuthorizationFailedException,
                                               IllegalInputException,
                                               InternalException

Initiates authentication. This is the initial call done by a service to start a login attempt.

Parameters:: attributes - The attributes the service wants returned on login.; returnURLPrefix - The prefix of the URL the user is to be returned to after successful authentication.; returnURLPostfix - The optional postfix of the return URL.; forceInteractiveAuthentication - If true, user is forced through authentication even if SSO is possible.
Returns:: An URL to which the client is to be redirected to for authentication.
Throws:: AuthorizationFailedException - If the service is now allowed to perform this operation, or if the service is not allowed to read one or more of the requested attributes.; IllegalInputException - If the method is called with illegal parameters, such as a returnURLPrefix/ returnURLPostfix combination that does not yield a valid URL.; InternalException - If an internal problem prevents Moria2 from performing this operation.

directNonInteractiveAuthentication

Attribute[] directNonInteractiveAuthentication(java.lang.String[] attributes,
                                               java.lang.String username,
                                               java.lang.String password)
                                               throws AuthorizationFailedException,
                                                      AuthenticationFailedException,
                                                      AuthenticationUnavailableException,
                                                      IllegalInputException,
                                                      InternalException

Performs direct non-interactive authentication. A redirect- and HTML-less login method. Only to be used in special cases where the client for some reason does not support the standard login procedure. Inherently insecure as the service will have knowledge of the plaintext password.

Parameters:: attributes - The attributes the service wants returned following authentication.; username - The user name of the user to be authenticated.; password - The password of the user to be authenticated.
Returns:: Array of attributes as requested.
Throws:: AuthorizationFailedException - If the service is now allowed to perform this operation, or if the service is not allowed to read one or more of the requested attributes.; AuthenticationFailedException - If the user credentials (given by username/ password) are not valid.; AuthenticationUnavailableException - If the third-party authentication server responsible for authenticating this user is not available.; IllegalInputException - If the method is called with illegal parameters.; InternalException - If an internal problem prevents Moria2 from performing this operation.

proxyAuthentication

Attribute[] proxyAuthentication(java.lang.String[] attributes,
                                java.lang.String proxyTicket)
                                throws AuthorizationFailedException,
                                       IllegalInputException,
                                       InternalException,
                                       UnknownTicketException

Performs proxy authentication. Called by a subsystem to authenticate a user.

Parameters:: attributes - The attributes the service wants returned following proxy authentication.; proxyTicket - The proxy ticket given to the calling system by its initiator.
Returns:: Array of attributes as requested.
Throws:: AuthorizationFailedException - If the service is now allowed to perform this operation, or if the service is not allowed to read one or more of the requested attributes.; IllegalInputException - If the method is called with illegal parameters.; InternalException - If an internal problem prevents Moria2 from performing this operation.; UnknownTicketException - If the proxy ticket given by proxyTicket does not match an existing and valid session.

getProxyTicket

java.lang.String getProxyTicket(java.lang.String ticketGrantingTicket,
                                java.lang.String proxyServicePrincipal)
                                throws AuthorizationFailedException,
                                       IllegalInputException,
                                       InternalException,
                                       UnknownTicketException

Gets a proxy ticket. A service may as part of the initial attribute request ask for a ticket granting ticket that later may be used in this call. The returned proxy ticket is to be handed over to the specified underlying system and may be used by that system only to authenticate the request.

Parameters:: ticketGrantingTicket - A TGT that has been issued previously.; proxyServicePrincipal - The service which the proxy ticket should be issued for.
Returns:: A proxy ticket.
Throws:: AuthorizationFailedException - If the service is now allowed to perform this operation.; IllegalInputException - If the method is called with illegal parameters.; InternalException - If an internal problem prevents Moria2 from performing this operation.; UnknownTicketException - If the ticket granting ticket given by ticketGrantingTicket does not match an existing and valid session.

getUserAttributes

Attribute[] getUserAttributes(java.lang.String serviceTicket)
                              throws AuthorizationFailedException,
                                     IllegalInputException,
                                     InternalException,
                                     UnknownTicketException

Gets user attributes. Called by the service when the user returns after a successful login.

Parameters:: serviceTicket - The ticket included in the return request issued by the client.
Returns:: Array of attributes as requested in initiateAuthentication.
Throws:: AuthorizationFailedException - If the service is now allowed to perform this operation.; IllegalInputException - If the method is called with an illegal parameter.; InternalException - If an internal problem prevents Moria2 from performing this operation.; UnknownTicketException - If the service ticket given by serviceTicket does not match an existing or valid session.

verifyUserExistence

boolean verifyUserExistence(java.lang.String username)
                            throws AuthorizationFailedException,
                                   AuthenticationUnavailableException,
                                   IllegalInputException,
                                   InternalException

Verifies the existence of a given user in the underlying directories.

Parameters:: username - The username to be validated.
Returns:: true if the user is found, otherwise false.
Throws:: AuthorizationFailedException - If the service is now allowed to perform this operation.; AuthenticationUnavailableException - If the authentication server where this user belongs is not available.; IllegalInputException - If the method is called with an illegal parameter.; InternalException - If an internal problem prevents Moria2 from performing this operation.