diff options
author | Robert Gemmell <robbie@apache.org> | 2011-07-15 08:55:58 +0000 |
---|---|---|
committer | Robert Gemmell <robbie@apache.org> | 2011-07-15 08:55:58 +0000 |
commit | 5ff6cecfde7c56686e6b9376084fe9b025a1b29a (patch) | |
tree | 3b9ae06ccd183ece4ba220e82b1851e779559316 /java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AuthenticationManager.java | |
parent | a391d12f254c7e3dec98c0de9dd60574039261e4 (diff) | |
download | qpid-python-5ff6cecfde7c56686e6b9376084fe9b025a1b29a.tar.gz |
QPID-3283: make Authentication Manager pluggable.
Refactors AuthenticationManager and collaborators to allow of AuthenticationManager to be plugged in from the configuration XML. Change PrincipalDatabaseAuthenticationManager to become a pluggable implementation. This change removes support for the <principal-databases> element within the config.xml. Existing use-cases are supported by the new element <pd-auth-manager/> which enables use of the PDAM implementation. Also resolves QPID-1347.
Applied patch by Keith Wall <keith.wall@gmail.com>
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1147036 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AuthenticationManager.java')
-rw-r--r-- | java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AuthenticationManager.java | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AuthenticationManager.java b/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AuthenticationManager.java index c1ef4c8ff5..4c59c25d84 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AuthenticationManager.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/auth/manager/AuthenticationManager.java @@ -20,18 +20,36 @@ */ package org.apache.qpid.server.security.auth.manager; +import javax.security.auth.Subject; import javax.security.sasl.SaslException; import javax.security.sasl.SaslServer; import org.apache.qpid.common.Closeable; +import org.apache.qpid.server.plugins.Plugin; import org.apache.qpid.server.security.auth.AuthenticationResult; /** - * The AuthenticationManager class is the entity responsible for - * determining the authenticity of user credentials. + * Implementations of the AuthenticationManager are responsible for determining + * the authenticity of a user's credentials. + * + * If the authentication is successful, the manager is responsible for producing a populated + * {@link Subject} containing the user's identity and zero or more principals representing + * groups to which the user belongs. + * <p> + * The {@link #initialise()} method is responsible for registering SASL mechanisms required by + * the manager. The {@link #close()} method must reverse this registration. + * */ -public interface AuthenticationManager extends Closeable +public interface AuthenticationManager extends Closeable, Plugin { + /** The name for the required SASL Server mechanisms */ + public static final String PROVIDER_NAME= "AMQSASLProvider-Server"; + + /** + * Initialise the authentication plugin. + * + */ + void initialise(); /** * Gets the SASL mechanisms known to this manager. |