com.ibm.as400.security.auth
Class Swapper

java.lang.Object
  extended by com.ibm.as400.security.auth.Swapper

public class Swapper
extends Object

Provides utility methods to perform credential swaps for existing remote connections. The methods in this class allow you to do work under a different user, providing you've obtained a ProfileTokenCredential probably from AS400.getProfileToken().

Comparison with the swap() methods of ProfileTokenCredential:

The swap() methods of this class have as one of their arguments either an AS400 object or a Connection object. The contract of these methods is to swap the profile in use for a specified connection. Here is the usage pattern:

 AS400 conn1 = new AS400(sysName, userID, password);
 ProfileTokenCredential myCred = new ProfileTokenCredential(....);
 Swapper.swap(conn1, myCred);
 // conn1 is now running under the new (swapped-to) profile
 

In constrast, the contract of the swap() methods of class ProfileTokenCredential is to swap the profile in use for the current thread of execution. They don't swap the profile in use for a specific AS400 object, but rather for any subsequently-created AS400 objects. Here is the usage pattern:

 AS400 conn1 = new AS400();
 ProfileTokenCredential myCred = new ProfileTokenCredential(....);
 myCred.swap();
 AS400 conn2 = new AS400();  // conn2 is running under the swapped-to profile.
 // conn1 is still running under the original profile.
 

The Swapper.swap() methods are useful for swapping credentials for existing remote connections. The ProfileTokenCredential.swap() methods are useful for swapping the current thread of execution when running natively in an IBM i JVM.

This class is mostly based on a prototype contributed by Steve Johnson-Evers.


Method Summary
static void swap(AS400 system, ProfileTokenCredential newCredential)
          Swaps the profile on the specified system.
static void swap(Connection connection, ProfileTokenCredential newCredential)
          Swaps the profile on the specified JDBC connection.
static void swapToToken(AS400 system, byte[] token)
          Swaps the profile, using the specified profile token.
static void swapToToken(Connection connection, byte[] token)
          Swaps the profile, using the specified profile token.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

swap

public static void swap(AS400 system,
                        ProfileTokenCredential newCredential)
                 throws AS400SecurityException,
                        IOException
Swaps the profile on the specified system. This method calls system API QSYSETP ("Set To Profile Token").

Note: This method is intended for use with remote connections only, and only swaps the profile used by CommandCall, ProgramCall, and ServiceProgramCall. If your Java application is running "natively", that is, on-thread on the IBM i JVM, and you wish to swap the current thread to a different profile, use one of the swap() methods of ProfileTokenCredential instead of this method.

Parameters:
system - The remote IBM i system.
newCredential - The credential to use for the swap.
Throws:
AS400SecurityException - If a security or authority error occurs.
IOException - If an error occurs while communicating with the system.
See Also:
AS400Credential.swap(), AS400Credential.swap(boolean)

swap

public static void swap(Connection connection,
                        ProfileTokenCredential newCredential)
                 throws AS400SecurityException,
                        IOException,
                        SQLException
Swaps the profile on the specified JDBC connection. This method calls system API QSYSETP ("Set To Profile Token").

Parameters:
connection - A JDBC connection to the IBM i system. Must be an instance of AS400JDBCConnection or AS400JDBCConnectionHandle.
newCredential - The credential to use for the swap.
Throws:
AS400SecurityException - If a security or authority error occurs.
IOException - If an error occurs while communicating with the system.
SQLException - If the connection is not open, or an error occurs.

swapToToken

public static void swapToToken(AS400 system,
                               byte[] token)
                        throws AS400SecurityException,
                               IOException
Swaps the profile, using the specified profile token. This method calls system API QSYSETP ("Set To Profile Token").

Note: This method is intended for use with remote connections only, and only swaps the profile used by CommandCall, ProgramCall, and ServiceProgramCall. If your Java application is running "natively", that is, on-thread on the IBM i JVM, and you wish to swap the current thread to a different profile, use one of the swap() methods of ProfileTokenCredential instead of this method.

Parameters:
system - The IBM i system.
token - The bytes from ProfileTokenCredential.getToken()
Throws:
AS400SecurityException - If a security or authority error occurs.
IOException - If an error occurs while communicating with the system.
See Also:
swap(AS400, ProfileTokenCredential)

swapToToken

public static void swapToToken(Connection connection,
                               byte[] token)
                        throws AS400SecurityException,
                               IOException,
                               SQLException
Swaps the profile, using the specified profile token. This method uses SQL's call statement to pass the token to QSYSETPT.

Parameters:
connection - A JDBC connection to the IBM i system.
token - The bytes from ProfileTokenCredential.getToken()
Throws:
AS400SecurityException - If a security or authority error occurs.
IOException - If an error occurs while communicating with the system.
SQLException - If the connection is not open, or an error occurs.
See Also:
swap(Connection, ProfileTokenCredential)