IBM WebSphere Application ServerTM
Release 8

com.ibm.wsspi.security.tai
Interface NegotiateTrustAssociationInterceptor

All Superinterfaces:
TrustAssociationInterceptor
All Known Implementing Classes:
NegotiateTrustAssociationInterceptorImpl

Deprecated. As of 5.1.1, replaced by the new com.ibm.wsspi.security.tai.TrustAssociationInterceptor interface. Implementation using this interface are supported by 5.1.1 both at compile time and runtime. Improvement has been made to com.ibm.wsspi.security.tai.TrustAssociationInterceptor and current implementations of this interface should be migrated to use the new interface.

public interface NegotiateTrustAssociationInterceptor
extends TrustAssociationInterceptor

This interface is an extension to the com.ibm.websphere.security.TrustAssociationInterceptor interface. This interface extends the capability of the current trust association interceptor:

When trust association interceptor implements NegotiateTrustAssociationInterceptor interface, the method of TrustAssociationInterceptor.validateEstablishedTrust() is not called. But instead negotiateAndValidateEstablishedTrust() is called.

There is a convenient abstract base class NegotiateTrustAssociationInterceptorImpl extends com.ibm.websphere.security.WebSphereBaseTrustAssociationInterceptor and implements NegotiateTrustAssociationInterceptor and in its implements TrustAssociationInterceptor.validateEstablishedTrust() as no operation and throws WebTrustAssociationFailedException.

Version:
5.0
See Also:
TrustAssociationInterceptor

Method Summary
 javax.security.auth.Subject getSubject()
          Deprecated.  getSubject method returns a JAAS Subject that represents the caller identity that was asserted by the trust association interceptor along with trusted third party security attributes.
 int negotiateAndValidateEstablishedTrust(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
          Deprecated.  This method is used to determine whethere trust association can be established between WebSphere and the third party server.
 
Methods inherited from interface com.ibm.websphere.security.TrustAssociationInterceptor
getAuthenticatedUsername, isTargetInterceptor, validateEstablishedTrust
 

Method Detail

negotiateAndValidateEstablishedTrust

int negotiateAndValidateEstablishedTrust(javax.servlet.http.HttpServletRequest req,
                                         javax.servlet.http.HttpServletResponse res)
                                         throws WebTrustAssociationFailedException
Deprecated. 

This method is used to determine whethere trust association can be established between WebSphere and the third party server. In most situations, this involves authenticating the server. All the required information to be able to do this should be available in the HTTP request.

If the third party server failed the validation, or is unable to provide the required information, a WebTrustAssociationFailedException must be thrown.

However, if the interceptor finds that the request does not contains the expected authentication data, it can write the protocol specific challenge information in the response and return status code that is not equal to HttpServletResponse.SC_OK. The security runtime will stop processing the request and send a status code back to the initiator. If HttpServletResponse.SC_OK is returned, then the security runtime will proceed to get the authenticated user from getAuthenticatedUsernameEx and continue process the request.

Parameters:
req - HTTP request
res - HTTP response
Returns:
HttpServletResponse.SC_OK indicates no negotiation is required, else negotiation is required
Throws:
WebTrustAssociationFailedException - Any failure is communicate through exception

getSubject

javax.security.auth.Subject getSubject()
                                       throws WebTrustAssociationFailedException
Deprecated. 

getSubject method returns a JAAS Subject that represents the caller identity that was asserted by the trust association interceptor along with trusted third party security attributes.

A null Subject may be returned if the trust association interceptor implementation does not support this feature.

Returns:
javax.security.auth.Subject
Throws:
WebTrustAssociationFailedException - Any failure is communicate through exception

IBM WebSphere Application ServerTM
Release 8