SamVerifier (ApacheDS 1.0.2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.directory.server.kerberos.sam
Interface SamVerifier

public interface SamVerifier

Single-use Authentication Mechanism verifier (subsystem) interface. SamVerifiers are modules that can be configured and are dynamically loaded as needed. Implementations have a few requirements and things implementors should know:

A public default constructor is required,
after instantitation environment properties are supplied,
next the KeyIntegrityChecker is set for the verifier,
finally the verifier is started up by calling startup(), incidentally this is where all initialization work should be done using the environment properties supplied.

Version:: $Rev: 434436 $
Author:: Apache Directory Project

Method Summary
`SamType`	`getSamType()` Gets the registered SAM algorithm type implemented by this SamVerifier.
`void`	`setIntegrityChecker(KeyIntegrityChecker keyChecker)` SamVerifiers require a KeyIntegrityChecker to calculate the integrity of a generated KerberosKey.
`void`	`setUserContext(javax.naming.directory.DirContext userContext)` sets the user context where users are stored for the primary realm
`void`	`shutdown()` Shuts down one of many pluggable SAM type subsystem
`void`	`startup()` Starts one of many pluggable SAM type subsystem
`javax.security.auth.kerberos.KerberosKey`	`verify(javax.security.auth.kerberos.KerberosPrincipal principal, byte[] sad)` Verifies the single use password supplied.

Method Detail

startup

void startup()
             throws SamException

Starts one of many pluggable SAM type subsystem

Throws:: SamException

shutdown

void shutdown()

Shuts down one of many pluggable SAM type subsystem

setIntegrityChecker

void setIntegrityChecker(KeyIntegrityChecker keyChecker)

SamVerifiers require a KeyIntegrityChecker to calculate the integrity of a generated KerberosKey. The Kerberos service exposes this interface and supplies it to the verifier to check generated keys to conduct the verification workflow.

Parameters:: keyChecker - the integrity checker that validates whether or not a key can decrypt-decode preauth data (an encryped-encoded generalized timestamp)

verify

javax.security.auth.kerberos.KerberosKey verify(javax.security.auth.kerberos.KerberosPrincipal principal,
                                                byte[] sad)
                                                throws SamException

Verifies the single use password supplied.

Parameters:: principal - the kerberos principal to use; sad - single-use authentication data (encrypted generalized timestamp)
Throws:: SamException

getSamType

SamType getSamType()

Gets the registered SAM algorithm type implemented by this SamVerifier.

Returns:: the type value for the SAM algorithm used to verify the SUP.

setUserContext

void setUserContext(javax.naming.directory.DirContext userContext)

sets the user context where users are stored for the primary realm