| Modifier and Type | Class and Description |
|---|---|
class |
AuthToken
Authentication token returned by Authentication Managers.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
IAuthManager.authenticate(IAuthCredentials authCred)
Authenticate the given credentials.
|
IAuthToken |
IAuthSubsystem.authenticate(IAuthCredentials authCred,
java.lang.String authMgrName)
Authenticate the given credentials using the given manager name.
|
| Modifier and Type | Method and Description |
|---|---|
AuthzToken |
IAuthzManager.authorize(IAuthToken authToken,
java.lang.String expression) |
AuthzToken |
IAuthzManager.authorize(IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
Check if the user is authorized to perform the given operation on the
given resource.
|
AuthzToken |
IAuthzSubsystem.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String exp) |
AuthzToken |
IAuthzSubsystem.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
authorize the user associated with the given authToken for a given
operation with the given authorization manager name
|
AuthzToken |
IAuthzSubsystem.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String resource,
java.lang.String operation,
java.lang.String realm) |
void |
IAuthzSubsystem.checkRealm(java.lang.String realm,
IAuthToken authToken,
java.lang.String owner,
java.lang.String resource,
java.lang.String operation)
Authorize the user against the specified realm.
|
| Modifier and Type | Method and Description |
|---|---|
ICertificateAuthority |
ICertificateAuthority.createCA(IAuthToken authToken,
java.lang.String dn,
AuthorityID parentAID,
java.lang.String desc)
Create a new sub-CA under the specified parent CA.
|
ICertificateAuthority |
ICertificateAuthority.createSubCA(IAuthToken authToken,
java.lang.String dn,
java.lang.String desc)
Create a new sub-CA IMMEDIATELY beneath this one.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
IAccessEvaluator.evaluate(IAuthToken authToken,
java.lang.String type,
java.lang.String op,
java.lang.String value)
Evaluates if the given value satisfies the access
control in authToken obtained from Authentication.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IProfileAuthenticator.populate(IAuthToken token,
IRequest request)
Populates authentication specific information into the
request for auditing purposes.
|
void |
IProfile.submit(IAuthToken token,
IRequest request)
Handles end-user request submission.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
IRequest.getExtDataInAuthToken(java.lang.String key)
Retrieves an authtoken.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
IRequest.setExtData(java.lang.String key,
IAuthToken data)
Stores an AuthToken the same as a Hashtable.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
TokenAuthentication.authenticate(IAuthCredentials authCred)
authenticates user(agent) by certificate
|
IAuthToken |
SSLclientCertAuthentication.authenticate(IAuthCredentials authCred)
authenticates user by certificate
|
IAuthToken |
HashAuthentication.authenticate(IAuthCredentials authCreds)
Authenticates a user based on uid, pwd in the directory.
|
IAuthToken |
FlatFileAuth.authenticate(IAuthCredentials authCred)
Authenticate the request
|
IAuthToken |
DirBasedAuthentication.authenticate(IAuthCredentials authCred)
Authenticates user through LDAP by a set of credentials.
|
IAuthToken |
CMCAuth.authenticate(IAuthCredentials authCred)
Authenticates user by their CMC;
resulting AuthToken sets a TOKEN_SUBJECT for the subject name.
|
IAuthToken |
AgentCertAuthentication.authenticate(IAuthCredentials authCred)
authenticates user(agent) by certificate
|
IAuthToken |
HashAuthentication.getAuthToken(java.lang.String key) |
protected IAuthToken |
CMCAuth.verifySignerInfo(AuthToken authToken,
org.mozilla.jss.pkix.cms.SignedData cmcFullReq) |
| Modifier and Type | Method and Description |
|---|---|
void |
HashAuthentication.addAuthToken(java.lang.String pageID,
IAuthToken token) |
void |
UserPwdDirAuthentication.populate(IAuthToken token,
IRequest request) |
void |
UidPwdPinDirAuthentication.populate(IAuthToken token,
IRequest request) |
void |
UidPwdDirAuthentication.populate(IAuthToken token,
IRequest request) |
void |
TokenAuthentication.populate(IAuthToken token,
IRequest request) |
void |
SSLclientCertAuthentication.populate(IAuthToken token,
IRequest request) |
void |
FlatFileAuth.populate(IAuthToken token,
IRequest request) |
void |
CMCAuth.populate(IAuthToken token,
IRequest request) |
void |
AgentCertAuthentication.populate(IAuthToken token,
IRequest request) |
| Modifier and Type | Method and Description |
|---|---|
AuthzToken |
DirAclAuthz.authorize(IAuthToken authToken,
java.lang.String expression) |
AuthzToken |
BasicGroupAuthz.authorize(IAuthToken authToken,
java.lang.String expression) |
AuthzToken |
BasicAclAuthz.authorize(IAuthToken authToken,
java.lang.String expression) |
AuthzToken |
DirAclAuthz.authorize(IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
check the authorization permission for the user associated with
authToken on operation
|
AuthzToken |
BasicGroupAuthz.authorize(IAuthToken authToken,
java.lang.String resource,
java.lang.String operation) |
AuthzToken |
BasicAclAuthz.authorize(IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
check the authorization permission for the user associated with
authToken on operation
|
abstract AuthzToken |
AAclAuthz.authorize(IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
an abstract class that enforces implementation of the
authorize() method that will authorize an operation on a
particular resource
|
void |
AAclAuthz.checkPermission(IAuthToken authToken,
java.lang.String name,
java.lang.String perm)
Checks if the permission is granted or denied with id from authtoken
gotten from authentication that precedes authorization.
|
boolean |
AAclAuthz.evaluateACLs(IAuthToken authToken,
java.lang.String exp) |
| Modifier and Type | Method and Description |
|---|---|
boolean |
UserOrigReqAccessEvaluator.evaluate(IAuthToken authToken,
java.lang.String type,
java.lang.String op,
java.lang.String value)
Evaluates the user in AuthToken to see if it's equal to value
|
boolean |
UserAccessEvaluator.evaluate(IAuthToken authToken,
java.lang.String type,
java.lang.String op,
java.lang.String value)
Evaluates the user in AuthToken to see if it's equal to value
|
boolean |
IPAddressAccessEvaluator.evaluate(IAuthToken authToken,
java.lang.String type,
java.lang.String op,
java.lang.String value)
Gets the IP address from session context
|
boolean |
GroupAccessEvaluator.evaluate(IAuthToken authToken,
java.lang.String type,
java.lang.String op,
java.lang.String value)
evaluates uid in AuthToken to see if it has membership in
group value
|
| Modifier and Type | Method and Description |
|---|---|
protected IAuthToken |
SubjAltNameExt.findAuthToken(IRequest req,
java.lang.String authMgrName)
Deprecated.
Find a particular authentication token by manager name.
|
| Modifier and Type | Method and Description |
|---|---|
protected void |
SubjAltNameExt.addValues(IAuthToken tok,
java.lang.String attrName,
java.util.Vector<java.lang.String> v)
Deprecated.
Add attribute values from an LDAP attribute to a vector
|
protected java.util.Vector<java.lang.String> |
SubjAltNameExt.getEmailList(IAuthToken tok)
Deprecated.
Generate a String Vector containing all the email addresses
found in this Authentication token
|
| Modifier and Type | Method and Description |
|---|---|
void |
EnrollProfile.submit(IAuthToken token,
IRequest request)
This method is called after the user submits the
request from the end-entity page.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
PKIPrincipal.getAuthToken() |
| Modifier and Type | Method and Description |
|---|---|
protected java.security.Principal |
PKIRealm.getPrincipal(IUser user,
IAuthToken authToken) |
protected java.security.Principal |
PKIRealm.getPrincipal(java.lang.String username,
IAuthToken authToken) |
| Constructor and Description |
|---|
PKIPrincipal(IUser user,
java.lang.String password,
java.util.List<java.lang.String> roles,
IAuthToken authToken) |
| Modifier and Type | Method and Description |
|---|---|
boolean |
AdminServlet.authorize(IAuthToken token)
authorize a user based on its authentication credentials.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
CMSServlet.authenticate(CMSRequest req) |
IAuthToken |
CMSServlet.authenticate(CMSRequest req,
java.lang.String authMgrName) |
IAuthToken |
CMSServlet.authenticate(javax.servlet.http.HttpServletRequest httpReq) |
IAuthToken |
CMSServlet.authenticate(javax.servlet.http.HttpServletRequest httpReq,
java.lang.String authMgrName)
Authentication
|
protected IAuthToken |
CMSServlet.getAuthToken(IRequest req) |
| Modifier and Type | Method and Description |
|---|---|
AuthzToken |
CMSServlet.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
Authorize must occur after Authenticate
|
AuthzToken |
CMSServlet.authorize(java.lang.String authzMgrName,
java.lang.String resource,
IAuthToken authToken,
java.lang.String exp) |
protected static void |
CMSServlet.saveAuthToken(IAuthToken token,
IRequest req) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
HashEnrollServlet.fillCertInfoFromAuthToken(netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken)
fill subject name, validity, extensions from authoken if any,
overriding what was in pkcs10.
|
protected netscape.security.x509.X509CertInfo[] |
HashEnrollServlet.fillCRMF(java.lang.String crmf,
IAuthToken authToken,
IArgBlock httpParams,
IRequest req) |
protected void |
CertProcessor.populateRequests(CertEnrollmentRequest data,
boolean isRenewal,
java.util.Locale locale,
java.util.Date origNotAfter,
java.lang.String origSubjectDN,
IRequest origReq,
java.lang.String profileId,
IProfile profile,
IProfileContext ctx,
IProfileAuthenticator authenticator,
IAuthToken authToken,
IRequest[] reqs) |
java.util.HashMap<java.lang.String,java.lang.Object> |
EnrollmentProcessor.processEnrollment(CertEnrollmentRequest data,
javax.servlet.http.HttpServletRequest request,
AuthorityID aid,
AuthCredentials credentials,
IAuthToken authToken)
Process the HTTP request
|
protected java.lang.String |
CertProcessor.submitRequests(java.util.Locale locale,
IProfile profile,
IAuthToken authToken,
IRequest[] reqs) |
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
CRSEnrollment.authenticate(AuthCredentials credentials,
IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request) |
| Modifier and Type | Method and Description |
|---|---|
protected IAuthToken |
CloneServlet.authenticate(java.security.cert.X509Certificate peerCert) |
| Modifier and Type | Method and Description |
|---|---|
protected IPKIMessage |
ConnectorServlet.processRequest(java.lang.String source,
java.lang.String sourceUserId,
IPKIMessage msg,
IAuthToken token)
Process request
|
protected IPKIMessage |
CloneServlet.processRequest(java.lang.String source,
java.lang.String sourceUserId,
IPKIMessage msg,
IAuthToken token) |
| Modifier and Type | Method and Description |
|---|---|
void |
KeyRequestDAO.approveRequest(RequestId id,
java.lang.String requestor,
IAuthToken authToken) |
void |
KeyRequestDAO.cancelRequest(RequestId id,
IAuthToken authToken) |
KeyRequestInfo |
KeyRequestDAO.getRequest(RequestId id,
javax.ws.rs.core.UriInfo uriInfo,
IAuthToken authToken)
Gets info for a specific request
|
void |
KeyRequestDAO.rejectRequest(RequestId id,
IAuthToken authToken) |
KeyRequestResponse |
KeyRequestDAO.submitAsyncKeyRecoveryRequest(KeyRecoveryRequest data,
javax.ws.rs.core.UriInfo uriInfo,
java.lang.String requestor,
IAuthToken authToken) |
KeyRequestResponse |
KeyRequestDAO.submitRequest(KeyRecoveryRequest data,
javax.ws.rs.core.UriInfo uriInfo,
java.lang.String requestor,
IAuthToken authToken)
Submits a key recovery request.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
CAProcessor.authenticate(javax.servlet.http.HttpServletRequest httpReq) |
IAuthToken |
CAProcessor.authenticate(javax.servlet.http.HttpServletRequest request,
IRequest origReq,
IProfileAuthenticator authenticator,
SessionContext context,
boolean isRenewal,
AuthCredentials credentials) |
IAuthToken |
CAProcessor.authenticate(javax.servlet.http.HttpServletRequest httpReq,
java.lang.String authMgrName) |
IAuthToken |
CAProcessor.authenticate(IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request,
AuthCredentials credentials) |
IAuthToken |
CAProcessor.authenticate(IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request,
IRequest origReq,
SessionContext context,
AuthCredentials credentials)
AUTHENTICATION FUNCTIONS (move to Realm?)
|
| Modifier and Type | Method and Description |
|---|---|
AuthzToken |
CAProcessor.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
Authorize must occur after Authenticate
|
void |
CAProcessor.authorize(java.lang.String profileId,
IProfile profile,
IAuthToken authToken) |
AuthzToken |
CAProcessor.authorize(java.lang.String authzMgrName,
java.lang.String resource,
IAuthToken authToken,
java.lang.String exp)
AUTHZ FNCTIONS (to be moved to Realm?)
|
void |
PKCS10Processor.fillCertInfo(netscape.security.pkcs.PKCS10 pkcs10,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
protected void |
PKIProcessor.fillCertInfo(java.lang.String protocolString,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
void |
PKCS10Processor.fillCertInfo(java.lang.String protocolString,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
void |
KeyGenProcessor.fillCertInfo(java.lang.String protocolString,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
void |
CMCProcessor.fillCertInfo(java.lang.String protocolString,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
protected netscape.security.x509.X509CertInfo[] |
PKIProcessor.fillCertInfoArray(java.lang.String protocolString,
IAuthToken authToken,
IArgBlock httpParams,
IRequest req) |
netscape.security.x509.X509CertInfo[] |
CRMFProcessor.fillCertInfoArray(java.lang.String protocolString,
IAuthToken authToken,
IArgBlock httpParams,
IRequest req) |
netscape.security.x509.X509CertInfo[] |
CMCProcessor.fillCertInfoArray(java.lang.String protocolString,
IAuthToken authToken,
IArgBlock httpParams,
IRequest req) |
static void |
PKIProcessor.fillCertInfoFromAuthToken(netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken)
fill subject name, validity, extensions from authoken if any,
overriding what was in pkcs10.
|
netscape.security.x509.X509CertInfo |
CRMFProcessor.processIndividualRequest(org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg,
IAuthToken authToken,
IArgBlock httpParams) |
static void |
CAProcessor.saveAuthToken(IAuthToken token,
IRequest req) |
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
ProfileSubmitCMCServlet.authenticate(IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request) |