Serializable
, Cloneable
, Map<Object,Object>
public abstract class AuthProvider extends Provider
While callers may invoke login
directly, the provider may also invoke login
on behalf of callers if it determines that a login must be performed prior to certain operations.
Provider.Service
defaults
Modifier | Constructor | Description |
---|---|---|
protected |
Deprecated. |
|
protected |
Constructs a provider with the specified name, version string, and information. |
Modifier and Type | Method | Description |
---|---|---|
abstract void |
login |
Log in to this provider. |
abstract void |
logout() |
Log out from this provider. |
abstract void |
setCallbackHandler |
Set a CallbackHandler . |
clear, compute, computeIfAbsent, computeIfPresent, configure, entrySet, forEach, getInfo, getName, getOrDefault, getService, getServices, getVersion, getVersionStr, isConfigured, keySet, load, merge, put, putAll, putIfAbsent, putService, remove, remove, removeService, replace, replace, replaceAll, toString, values
getProperty, getProperty, list, list, load, loadFromXML, propertyNames, save, setProperty, store, store, storeToXML, storeToXML, storeToXML, stringPropertyNames
@Deprecated(since="9") protected AuthProvider(String name, double version, String info)
AuthProvider(String, String, String)
instead.name
- the provider name.version
- the provider version number.info
- a description of the provider and its services.protected AuthProvider(String name, String versionStr, String info)
name
- the provider name.versionStr
- the provider version string.info
- a description of the provider and its services.public abstract void login(Subject subject, CallbackHandler handler) throws LoginException
The provider relies on a CallbackHandler
to obtain authentication information from the caller (a PIN, for example). If the caller passes a null
handler to this method, the provider uses the handler set in the setCallbackHandler
method. If no handler was set in that method, the provider queries the auth.login.defaultCallbackHandler security property for the fully qualified class name of a default handler implementation. If the security property is not set, the provider is assumed to have alternative means for obtaining authentication information.
subject
- the Subject
which may contain principals/credentials used for authentication, or may be populated with additional principals/credentials after successful authentication has completed. This parameter may be null
.handler
- the CallbackHandler
used by this provider to obtain authentication information from the caller, which may be null
IllegalStateException
- if the provider requires configuration and Provider.configure(java.lang.String)
has not been calledLoginException
- if the login operation failsSecurityException
- if the caller does not pass a security check for SecurityPermission("authProvider.name")
, where name
is the value returned by this provider's getName
methodpublic abstract void logout() throws LoginException
IllegalStateException
- if the provider requires configuration and Provider.configure(java.lang.String)
has not been calledLoginException
- if the logout operation failsSecurityException
- if the caller does not pass a security check for SecurityPermission("authProvider.name")
, where name
is the value returned by this provider's getName
methodpublic abstract void setCallbackHandler(CallbackHandler handler)
CallbackHandler
. The provider uses this handler if one is not passed to the login
method. The provider also uses this handler if it invokes login
on behalf of callers. In either case if a handler is not set via this method, the provider queries the auth.login.defaultCallbackHandler security property for the fully qualified class name of a default handler implementation. If the security property is not set, the provider is assumed to have alternative means for obtaining authentication information.
handler
- a CallbackHandler
for obtaining authentication information, which may be null
IllegalStateException
- if the provider requires configuration and Provider.configure(java.lang.String)
has not been calledSecurityException
- if the caller does not pass a security check for SecurityPermission("authProvider.name")
, where name
is the value returned by this provider's getName
method
© 1993, 2023, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
https://docs.oracle.com/en/java/javase/21/docs/api/java.base/java/security/AuthProvider.html
AuthProvider(String, String, String)
instead.