com.ibm.websphere.security
Interface TrustAssociationInterceptor
All known subinterfaces:
All known implementing classes:
Deprecated. As of 5.1.1, replaced by the new com.ibm.wsspi.security.tai.TrustAssociationInterceptor interface. Implementation using this interface are supported by 5.1.1 both at compile time and runtime. Improvement has been made to com.ibm.wsspi.security.tai.TrustAssociationInterceptor and current implementations of this interface should be migrated to use the new interface.
- public interface TrustAssociationInterceptor
Method Summary
Modifier and Type | Method and Description |
---|---|
|
getAuthenticatedUsername(javax.servlet.http.HttpServletRequest req)
Deprecated. This method is used to retrieve the username of the end client (or the originator
of the HTTP request).
|
|
isTargetInterceptor(javax.servlet.http.HttpServletRequest req)
Deprecated. Every interceptor should know which HTTP requests originate from
the third party server that it is supposed to work with.
|
|
validateEstablishedTrust(javax.servlet.http.HttpServletRequest req)
Deprecated. This method is used to determine whethere trust association can be
established between WebSphere and the third party server.
|
Method Detail
isTargetInterceptor
- boolean isTargetInterceptor(javax.servlet.http.HttpServletRequest req)
- throws WebTrustAssociationException
Deprecated.
Every interceptor should know which HTTP requests originate from
the third party server that it is supposed to work with.
Given an HTTP request, this method must be used to determine whether or not
this interceptor is designed to process the request, in behalf of the trusted
server it is designed to interoperate with.
The determination algorithm depends on the specific implementation. But it
should be able to unequivocally give either a positive or negative response.
If for any reason the implementation encounters a situation where it is not
able to give a definite response (such as, not enough information, indeterminate
state, remote exception, etc), then the method should throw a
WebTrustAssociationException. The caller is left to decide on what to do if
an exception is received.
Throws:
validateEstablishedTrust
- void validateEstablishedTrust(javax.servlet.http.HttpServletRequest req)
- throws WebTrustAssociationFailedException
Deprecated.
This method is used to determine whethere trust association can be
established between WebSphere and the third party server.
In most situations, this involves authenticating the server. All the required information
to be able to do this should be available in the HTTP request.
If the third party server failed the validation, or is unable to provide the required
information, a WebTrustAssociationFailedException must be thrown.
getAuthenticatedUsername
- java.lang.String getAuthenticatedUsername( javax.servlet.http.HttpServletRequest req)
- throws WebTrustAssociationUserException
Deprecated.
This method is used to retrieve the username of the end client (or the originator
of the HTTP request). This method should be called only after validateEstablishTrust
has been called successfully.
The method returns a string. A return value of null implies that an empty string
was provided as a username.
A WebTrustAssociationUserException should be thrown if the username has not
been provided at all or the implementation determines that the username provided
was invalid (based on some criteria, e.g., a list of valid usernames may have been
decided earlier).
Throws: