public interface SIPTrustAssociationInterceptor
SIPTrustAssociationInterceptor
is an interface for developing a SIP custom trust association interceptor (TAI).
A custom TAI that implements this interface should also extend com.ibm.wsspi.security.tai.extension.BaseTrustAssociationInterceptor
class.
The custom TAI must implement the following methods:
initialize
to allocate any resources needed for the TAI
negotiateValidateandEstablishProtocolTrust
that returns TAIResult
to indicate the status of the message being processed
isTargetProtocolInterceptor
that returns false/true to indicate whether a SIP message will be handled by the TAI.
The idea is during processing a SIP request, the Liberty server will pass the
SipServletRequest
and SipServletResponse
to the SIP trust association interceptor.
The trust association interceptor can inspect the SIP message to see if it contains security
attributes (authentication or authorization attributes) from the third party security service.
Modifier and Type | Method and Description |
---|---|
void |
cleanup()
Invoked when the TAI should free any resources it holds.
|
java.lang.String |
getType()
Returns a type value of the TAI.
|
java.lang.String |
getVersion()
Returns the version number of the current TAI implementation.
|
int |
initialize(java.util.Properties properties)
Initializes the SIP trust association interceptor.
|
boolean |
isTargetProtocolInterceptor(javax.servlet.sip.SipServletMessage sipMsg)
The custom TAI should use this method to inspect if it can process the
SipServletMessage . |
com.ibm.wsspi.security.tai.TAIResult |
negotiateValidateandEstablishProtocolTrust(javax.servlet.sip.SipServletRequest req,
javax.servlet.sip.SipServletResponse resp)
This method is used to determine whether trust association can be
established between the Liberty server and the third party security service.
|
boolean isTargetProtocolInterceptor(javax.servlet.sip.SipServletMessage sipMsg) throws com.ibm.websphere.security.WebTrustAssociationFailedException
SipServletMessage
.
The implementation should return true
if the TAI can handle the sipMsg, else false
should be returned.sipMsg
- SipServletMessage to be handled by the TAIcom.ibm.websphere.security.WebTrustAssociationFailedException
- exceptioncom.ibm.wsspi.security.tai.TAIResult negotiateValidateandEstablishProtocolTrust(javax.servlet.sip.SipServletRequest req, javax.servlet.sip.SipServletResponse resp) throws com.ibm.websphere.security.WebTrustAssociationFailedException
TAIResult
that indicates the status of the message being processed.
If authentication succeeds, the TAIResult should contain the status HttpServletResponse.SC_OK and a principal.
If the interceptor finds that the request does not contains the expected authentication data,
it can write the challenge information in the SIP response and return TAIResult
with status code
HttpServletResponse.SC_UNAUTHORIZED (401), or SC_FORBIDDEN (403), or SC_PROXY_AUTHENTICATION_REQUIRED (407).
req
- incoming SipServletRequest to be handled by the TAIresp
- incoming SipServletResponse to be handled by the TAIcom.ibm.websphere.security.WebTrustAssociationFailedException
- exceptionint initialize(java.util.Properties properties) throws com.ibm.websphere.security.WebTrustAssociationFailedException
properties
- Properties defined in the TAI propertiescom.ibm.websphere.security.WebTrustAssociationFailedException
- exceptionjava.lang.String getVersion()
java.lang.String getType()
void cleanup()