javax.security.identitystore

Interface IdentityStore

public interface IdentityStore

IdentityStore is a mechanism for validating a Caller's credentials and accessing a Caller's identity attributes, and would be used by an authentication mechanism, such as the JSR 375 HttpAuthenticationMechanism or the JSR 196 (JASPIC) ServerAuthModule.

Stores which do only the authentication or authorization is allowed. Authentication only should use the Status AUTHENTICATED.

An IdentityStore obtains identity data from a persistence mechanism, such as a file, database, or LDAP.

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	IdentityStore.ValidationType Determines the type of validation (operations) that should be done by this store.

Field Summary

Fields

Modifier and Type	Field and Description
static Set<IdentityStore.ValidationType>	DEFAULT_VALIDATION_TYPES

Method Summary

Modifier and Type	Method and Description
default Set<String>	getCallerGroups(CredentialValidationResult validationResult)
default int	priority() Determines the order of multiple IdentityStores.
default CredentialValidationResult	validate(Credential credential) Validates the given credential.
default Set<IdentityStore.ValidationType>	validationTypes() Determines the type of validation the IdentityStore should be used for.

Field Detail

DEFAULT_VALIDATION_TYPES

static final Set<IdentityStore.ValidationType> DEFAULT_VALIDATION_TYPES

Method Detail

validate

default CredentialValidationResult validate(Credential credential)

Validates the given credential.

As a convenience a default implementation is provided that looks up an overload of this method with as the one and only parameter a subclass of Credential. Here is an example of what an implementation of this interface looks like with such overloaded method:

public class ExampleIdentityStore implements IdentityStore {

    public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
        // Implementation ...
        return INVALID_RESULT;
    }
	
}
 

Note that the overloaded method is only called when the actual type passed into this method will exactly match the parameter type of the overloaded method. There's no attempt being done to find the most specific overloaded method such as specified in JLS 15.2.

Parameters:

credential - The credential

Returns:

The validation result, including associated caller groups when Authorization is performed (see validationType() )

getCallerGroups

default Set<String> getCallerGroups(CredentialValidationResult validationResult)

priority

default int priority()

Determines the order of multiple IdentityStores. Stores are consulted lower number first.

Returns:

the priority value. Lower values first.

validationTypes

default Set<IdentityStore.ValidationType> validationTypes()

Determines the type of validation the IdentityStore should be used for. By default, its used for credential validation AND providing groups.

Returns:

Type of validation.