Websphere MQ Everyplace

com.ibm.mqe
Class MQeAuthenticator

java.lang.Object
  |
  +--com.ibm.mqe.MQe
        |
        +--com.ibm.mqe.MQeAuthenticator
All Implemented Interfaces:
MQeExceptionCodes
Direct Known Subclasses:
LogonAuthenticator, MQeWTLSCertAuthenticator

public abstract class MQeAuthenticator
extends MQe

This is the base class for authenticator objects. Authenticators can be used to control access to a queue. The base class does not provide any useful authentication itself but can be extended to create new types of authenticator. Some examples are provided in the examples.attributes package.

In a typical client/server configuration, the client queue manager initiates access to a queue on the server, for example by putting a message to the queue. If the queue has an authenticator, its activateMaster() method is invoked on the client queue manager. This method typically collects data to authenticate the client or user and returns the data in a byte array. The data is passed to the activateSlave() method on the server queue manager. This then typically validates the data from the client and, if required, collects data to validate the server. This data is returned in a byte array which is passed back to the slaveResponse() method on the client queue manager.

If the queue is accessed locally, (that is from the queue manager that owns it), the activateMaster(), activateSlave(), and slaveResponse() methods are called in sequence on that queue manager.

If the activateSlave() and slaveResponse() methods are satisfied with the data they receive, they should both call setAuthenticatedID() to set the name of the authenticated entity. If they are not satisfied with the data, they should throw an exception.

This class is a descendant of MQe


Field Summary
 
Fields inherited from class com.ibm.mqe.MQe
Admin_Queue_Name, Admin_Reply_Queue_Name, copyright, DeadLetter_Queue_Name, Event_Activate, Event_Attribute, Event_Authenticate, Event_Close, Event_Logoff, Event_Logon, Event_MiniCert_Validate, Event_Queue, Event_QueueManager, Event_UserBase, JMS_Version, MQ_Headers, MQe_Log_Audit_Failure, MQe_Log_Audit_Success, MQe_Log_Error, MQe_Log_Information, MQe_Log_Success, MQe_Log_Warning, Msg_BackoutCount, Msg_CorrelID, Msg_ExpireTime, Msg_LockID, Msg_MsgID, Msg_OriginQMgr, Msg_Priority, Msg_ReplyToQ, Msg_ReplyToQMgr, Msg_Resend, Msg_Style, Msg_Style_Datagram, Msg_Style_Reply, Msg_Style_Request, Msg_Time, Msg_WrapMsg, sccsid, System_Default_Queue_Name, version
 
Fields inherited from interface com.ibm.mqe.MQeExceptionCodes
Except_Active, Except_AdapterException, Except_AdapterMissingRemoteAddress, Except_Admin_ActionNotSupported, Except_Admin_InvalidField, Except_Admin_NotAdminMsg, Except_AdminAction, Except_Authenticate, Except_BadRequest, Except_BridgeListener, Except_Chnl_Attributes, Except_Chnl_ID, Except_Chnl_Limit, Except_Chnl_Overrun, Except_Closed, Except_Con_AdapterRequired, Except_Con_AliasAlreadyExists, Except_Con_AlreadyExists, Except_Con_InvalidName, Except_Connect_Failure, Except_ConnectonType, Except_Cryptor, Except_Data, Except_Duplicate, Except_JmxProperties, Except_Listener, Except_MessageStore, Except_MiniCertReg_ActivateFailed, Except_MiniCertReg_BadPIN, Except_MiniCertReg_NotOpen, Except_NotActive, Except_NotAllowed, Except_NotFound, Except_NotSupported, Except_PrivateReg_ActivateFailed, Except_PrivateReg_BadPIN, Except_PrivateReg_NotOpen, Except_PublicReg_ActivateFailed, Except_PublicReg_InvalidAddress, Except_PublicReg_InvalidRequest, Except_Q_Full, Except_Q_InvalidName, Except_Q_InvalidPriority, Except_Q_MsgTooLarge, Except_Q_NoMatchingMsg, Except_Q_TargetRegistryRequired, Except_QMgr_Activated, Except_QMgr_AlreadyExists, Except_QMgr_InvalidQMgrName, Except_QMgr_InvalidQName, Except_QMgr_NotActive, Except_QMgr_NotBridgeEnabled, Except_QMgr_NotConfigured, Except_QMgr_QDoesNotExist, Except_QMgr_QExists, Except_QMgr_QNotEmpty, Except_QMgr_RegistryDataVersion, Except_QMgr_UnknownQMgr, Except_QMgr_WrongQType, Except_Reg_AddFailed, Except_Reg_AlreadyExists, Except_Reg_AlreadyOpen, Except_Reg_CRTKeyDecFailed, Except_Reg_CRTKeySignFailed, Except_Reg_DeleteFailed, Except_Reg_DeleteRegistryFailed, Except_Reg_DoesNotExist, Except_Reg_InvalidSession, Except_Reg_ListFailed, Except_Reg_NotDefined, Except_Reg_NotSecure, Except_Reg_NullName, Except_Reg_OpenFailed, Except_Reg_ReadFailed, Except_Reg_RenameFailed, Except_Reg_ResetPINFailed, Except_Reg_SearchFailed, Except_Reg_UpdateFailed, Except_RemoteException, Except_Rule, Except_S_BadIntegrity, Except_S_BadSubject, Except_S_CertificateExpired, Except_S_Cipher, Except_S_InvalidAttribute, Except_S_InvalidSignature, Except_S_MiniCertNotAvailable, Except_S_MissingSection, Except_S_NoPresetKeyAvailable, Except_S_RegistryNotAvailable, Except_Stopped, Except_Syntax, Except_TimeOut, Except_Transporter, Except_TriggerTransmission, Except_Trnsport_QMgr, Except_Trnsport_Request, Except_Type, Except_UdpipAdapterStateException, Except_UdpipAdapterTimeOut, Except_UdpipAdapterUnableToConfirmSuccess, Except_UnCoded, Except_Uncontactable_DontTransmit
 
Constructor Summary
MQeAuthenticator()
           
 
Method Summary
 byte[] activateMaster(boolean local)
          Activates the autheticator on the master (initiating) queue manager.
 byte[] activateSlave(boolean local, byte[] data)
          Activates the autheticator on the slave (responding) queue manager.
 void close()
          Closes the authenticator.
 void setAuthenticatedID(java.lang.String authentId)
          Sets the name of the authenticated entity.
 void slaveResponse(boolean local, byte[] data)
          Processes the response from the slave queue manager.
 
Methods inherited from class com.ibm.mqe.MQe
abbreviate, alias, asciiToByte, byteToAscii, byteToHex, byteToHex, byteToInt, byteToLong, byteToShort, byteToUnicode, fileSeparator, getEventLogHandler, hexToAscii, hexToByte, intToByte, isCLDC, loadClass, loadObject, log, setEventLogHandler, setLoader, sliceByteArray, type, unicodeToByte, uniqueValue
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

MQeAuthenticator

public MQeAuthenticator()
Method Detail

activateMaster

public byte[] activateMaster(boolean local)
                      throws java.lang.Exception

Activates the autheticator on the master (initiating) queue manager.

This method is invoked on the queue manager that initiates access to a queue. It can return data in a byte array that is subsequently passed into the activateSlave() method on the queue manager that owns the queue. The method in the base class simply returns null and should be overridden. For example, the base method could be modified to collect some data from the user and return it in the byte array.

Parameters:
local - local This parameter determines whether the queue is being accessed locally (from the queue manager that owns it), when it is set to true, or remotely (from another queue manager), when it is set to false.
Returns:
A byte array, which is subsequently passed to the activateSlave() method on the queue manager that owns the queue.
Throws:
java.lang.Exception - The method in the base class does not throw any exceptions.

Any exceptions thrown by this method are not caught by WebSphere MQ Everyplace itself, but are passed back to the user’s code. An exception terminates the attempt to access the queue.


activateSlave

public byte[] activateSlave(boolean local,
                            byte[] data)
                     throws java.lang.Exception

Activates the autheticator on the slave (responding) queue manager.

This method should not be called by the user, it should be overridden to create a new authenticator.

This method is invoked on the queue manager that owns the queue. Data is passed to it from the activateMaster() method on the intiating queue manager and it can return data that is subsequently passed to the slaveResponse() method on the initiating queue manager. If the activateSlave() method is satisfied with the data it receives, it should call setAuthenticatedID() to set the name of the authenticated entity. If it is not satisfied with the data, it should throw an exception indicating the reason.

The method in the base class logs the authenticated ID using the MQe.log() method. It could be overridden to, for example, validate the data it has been passed, set the authenticated ID, call the base method to log the ID, and then, if required, collect data to pass back to slaveResponse() to authenticate the server.

Parameters:
local - This parameter determines whether the queue is being accessed locally (from the queue manager that owns it), when it is set to true, or remotely (from another queue manager), when it is set to false.
data - The data returned by activateMaster() on the initiating queue manager.
Returns:
A byte array, that is subsequently passed to the slaveResponse() method on the queue manager that initiated the access.
Throws:
java.lang.Exception - The method in the base class does not throw any exceptions.

Any exceptions thrown by this method are caught and passed back to the initiating queue manager where they are re-thrown. WebSphere MQ Everyplace does not catch these exceptions on the initiating queue manager and they are passed back to the user’s code. An exception terminates the attempt to access the queue.


setAuthenticatedID

public void setAuthenticatedID(java.lang.String authentId)

Sets the name of the authenticated entity.

This method sets the identity of the authenticated entity and should be called by the activateSlave() and slaveResponse() methods. If the identity is not set, the access fails.

Returns:
void
Throws:
none

close

public void close()

Closes the authenticator. It would typically be overridden to clean up any resources and call the base method if the log record is required.

Returns:
void
Throws:
none

slaveResponse

public void slaveResponse(boolean local,
                          byte[] data)
                   throws java.lang.Exception

Processes the response from the slave queue manager.

This method should not be called by the user, it should be overridden to create a new authenticator.

This method is invoked on the queue manager that initiates access to the queue. Data is passed to it from the activateSlave() method on the queue manager that owns the queue.

If the slaveResponse() method is satisfied with the data it receives, it should call setAuthenticatedID() to set the name of the authenticated entity. If it is not satisfied with the data, it should throw an exception indicating the reason.

The method in the base class does nothing. It could be overridden to, for example, validate the data it has been passed and set the authenticated ID.

Parameters:
local - This parameter determines whether the queue is being accessed locally (from the queue manager that owns it), when it is set to true, or remotely (from another queue manager), when it is set to false.
data - The data returned by activateSlave() on the queue manager that owns the queue.
Returns:
void
Throws:
java.lang.Exception - The method in the base class does not throw any exceptions.

Any exceptions thrown by this method are not caught by WebSphere MQ Everyplace itself, but are passed back to the user’s code. An exception terminates the attempt to access the queue.


Websphere MQ Everyplace