org.apache.directory.server.kerberos.sam
Interface SamVerifier


public interface SamVerifier

Single-use Authentication Mechanism verifier (subsystem) interface. SamVerifiers are modules that can be configured and are dynamically loaded as needed. Implementations have a few requirements and things implementors should know:

Version:
$Rev: 434436 $
Author:
Apache Directory Project

Method Summary
 SamType getSamType()
          Gets the registered SAM algorithm type implemented by this SamVerifier.
 void setIntegrityChecker(KeyIntegrityChecker keyChecker)
          SamVerifiers require a KeyIntegrityChecker to calculate the integrity of a generated KerberosKey.
 void setUserContext(javax.naming.directory.DirContext userContext)
          sets the user context where users are stored for the primary realm
 void shutdown()
          Shuts down one of many pluggable SAM type subsystem
 void startup()
          Starts one of many pluggable SAM type subsystem
 javax.security.auth.kerberos.KerberosKey verify(javax.security.auth.kerberos.KerberosPrincipal principal, byte[] sad)
          Verifies the single use password supplied.
 

Method Detail

startup

void startup()
             throws SamException
Starts one of many pluggable SAM type subsystem

Throws:
SamException

shutdown

void shutdown()
Shuts down one of many pluggable SAM type subsystem


setIntegrityChecker

void setIntegrityChecker(KeyIntegrityChecker keyChecker)
SamVerifiers require a KeyIntegrityChecker to calculate the integrity of a generated KerberosKey. The Kerberos service exposes this interface and supplies it to the verifier to check generated keys to conduct the verification workflow.

Parameters:
keyChecker - the integrity checker that validates whether or not a key can decrypt-decode preauth data (an encryped-encoded generalized timestamp)

verify

javax.security.auth.kerberos.KerberosKey verify(javax.security.auth.kerberos.KerberosPrincipal principal,
                                                byte[] sad)
                                                throws SamException
Verifies the single use password supplied.

Parameters:
principal - the kerberos principal to use
sad - single-use authentication data (encrypted generalized timestamp)
Throws:
SamException

getSamType

SamType getSamType()
Gets the registered SAM algorithm type implemented by this SamVerifier.

Returns:
the type value for the SAM algorithm used to verify the SUP.

setUserContext

void setUserContext(javax.naming.directory.DirContext userContext)
sets the user context where users are stored for the primary realm