com.ibm.websphere.security
Interface TrustAssociationInterceptor
- public interface
TrustAssociationInterceptor
When an interceptor has been configured with WebSphere, the high-level description of the processing engine executed by WebSphere is as follows:
- Receive an HTTP Request.
- Choose an interceptor for this request. For every interceptor configured, it checks if it is the appropriate interceptor by calling the method isTargetInterceptor of that interceptor.
- If the interceptor is a target interceptor, WebSphere validates its trust on the third party server represented by the interceptor by calling the method validateEstablishedTrust of that interceptor.
- If the trust has been validated successfully, WebSphere retrieves the username of the end-user that submitted the HTTP request by calling the method getAuthenticatedUsername of that interceptor.
- If a valid username has been retrieved, WebSphere creates the credentials for that user and proceeds with its normal processing.
Method Summary
java.lang.String getAuthenticatedUsername(javax.servlet.http.HttpServletRequest req)
This method is used to retrieve the username of the end client (or the originator of the HTTP request).boolean isTargetInterceptor(javax.servlet.http.HttpServletRequest req)
Every interceptor should know which HTTP requests originate from the third party server that it is supposed to work with.void validateEstablishedTrust(javax.servlet.http.HttpServletRequest req)
This method is used to determine whethere trust association can be established between WebSphere and the third party server.
Method Detail
isTargetInterceptor
public booleanisTargetInterceptor
(javax.servlet.http.HttpServletRequest req) throws WebTrustAssociationException
- Every interceptor should know which HTTP requests originate from the third party server that it is supposed to work with. Given an HTTP request, this method must be used to determine whether or no this interceptor is designed to process the request, in behalf of the trusted server it is designed to interoperate with. The determination algorithm depends on the specific implementation. But i should be able to unequivocally give either a positive or negative response. If for any reason the implementation encounters a situation where it is no able to give a definite response (such as, not enough information, indeterminate state, remote exception, etc), then the method should throw a WebTrustAssociationException. The caller is left to decide on what to do if an exception is received.
validateEstablishedTrust
public voidvalidateEstablishedTrust
(javax.servlet.http.HttpServletRequest req) throws WebTrustAssociationFailedException
- This method is used to determine whethere trust association can be established between WebSphere and the third party server. In most situations, this involves authenticating the server. All the required information to be able to do this should be available in the HTTP request. If the third party server failed the validation, or is unable to provide the required information, a WebTrustAssociationFailedException must be thrown.
getAuthenticatedUsername
public java.lang.StringgetAuthenticatedUsername
(javax.servlet.http.HttpServletRequest req) throws WebTrustAssociationUserException
- This method is used to retrieve the username of the end client (or the originator of the HTTP request). This method should be called only after validateEstablishTrus has been called successfully. The method returns a string. A return value of null implies that an empty string was provided as a username. A WebTrustAssociationUserException should be thrown if the username has no been provided at all or the implementation determines that the username provided was invalid (based on some criteria, e.g., a list of valid usernames may have been decided earlier).
WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.