org.apache.directory.server.core.authn
Interface Authenticator

All Known Implementing Classes:
AbstractAuthenticator, AnonymousAuthenticator, SimpleAuthenticator, StrongAuthenticator

public interface Authenticator

Authenticates users who access PartitionNexus.

Authenticators are registered to and configured by AuthenticationInterceptor interceptor.

AuthenticationInterceptor authenticates users by calling #authenticate(LdapDN,ServerContext), and then Authenticator checks JNDI Context environment properties (Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS) of current Context.

Version:
$Rev: 679219 $
Author:
Apache Directory Project
See Also:
AbstractAuthenticator

Method Summary
 LdapPrincipal authenticate(BindOperationContext opContext)
          Performs authentication and returns the principal if succeeded.
 void destroy()
          Called by AuthenticationInterceptor to indicate that this authenticator is being removed from service.
 java.lang.String getAuthenticatorType()
          Returns the type of this authenticator (e.g.
 void init(DirectoryService directoryService)
          Called by AuthenticationInterceptor to indicate that this authenticator is being placed into service.
 void invalidateCache(org.apache.directory.shared.ldap.name.LdapDN bindDn)
          Callback used to respond to password changes by invalidating a password cache if implemented.
 

Method Detail

getAuthenticatorType

java.lang.String getAuthenticatorType()
Returns the type of this authenticator (e.g. 'simple', 'none',...).


init

void init(DirectoryService directoryService)
          throws java.lang.Exception
Called by AuthenticationInterceptor to indicate that this authenticator is being placed into service.

Throws:
java.lang.Exception

destroy

void destroy()
Called by AuthenticationInterceptor to indicate that this authenticator is being removed from service.


invalidateCache

void invalidateCache(org.apache.directory.shared.ldap.name.LdapDN bindDn)
Callback used to respond to password changes by invalidating a password cache if implemented. This is an additional feature of an authenticator which need not be implemented: empty implementation is sufficient. This is called on every del, modify, and modifyRdn operation.

Parameters:
bindDn - the already normalized distinguished name of the bind principal

authenticate

LdapPrincipal authenticate(BindOperationContext opContext)
                           throws java.lang.Exception
Performs authentication and returns the principal if succeeded.

Throws:
java.lang.Exception


Copyright © 2003-2009 Apache Software Foundation. All Rights Reserved.