InfoCenter Home >
5: Securing applications -- special topics >
5.4: Overview: Using programmatic and form logins >
5.4.2: Server-side login >
5.4.2.2: The ServerSideAuthenticator class
The ServerSideAuthenticator class is a WebSphere-provided utility class that
provides wrappers around CORBA security methods. It extends the LoginHelper
class for use by servers.
The following list summarizes the public methods in the
ServerSideAuthenticator class. The source file is installed at:
<installation_root>/installedApps/sampleApp.ear/default_app.war/WEB-INF/classes/ServerSideAuthenticator.java
and the class file is installed at:
<installation_root>/installedApps/sampleApp.ear/default_app.war/WEB-INF/classes/ServerSideAuthenticator.class
- ServerSideAuthenticator()
- The constructor obtains a new security-context object from the
underlying ORB. This object is used to carry authentication
information and resulting credentials.
Syntax:
ServerSideAuthenticator() throws IllegalStateException
- login()
- This method takes the user's authentication data (identifier and
password), authenticates the the user (if the force_authn argument
is set to TRUE), and returns the resulting Credentials object.
Syntax:
org.omg.SecurityLevel2.Credentials login(String userID, String password,
boolean force_authn)
throws org.omg.SecurityLevel2.LoginFailed,
com.ibm.IExtendedSecurity.RealmNotRegistered,
com.ibm.IExtendedSecurity.UnknownMapping,
com.ibm.IExtendedSecurity.MechanismTypeNotRegistered,
com.ibm.IExtendedSecurity.InvalidAdditionalCriteria
- authenticate()
- This method does the actual authentication work.
Syntax:
org.omg.SecurityLevel2.Credentials authenticate(String userID, String password)
throws org.omg.SecurityLevel2.LoginFailed,
org.omg.SecurityLevel2.InvalidCredential,
org.omg.Security.InvalidCredentialType,
com.ibm.IExtendedSecurity.RealmNotRegistered,
com.ibm.IExtendedSecurity.UnknownMapping,
com.ibm.IExtendedSecurity.MechanismTypeNotRegistered,
com.ibm.IExtendedSecurity.InvalidAdditionalCriteria
|
|