Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jasig.cas
Interface CentralAuthenticationService

All Known Implementing Classes:
CentralAuthenticationServiceImpl, RemoteCentralAuthenticationService
public interface CentralAuthenticationService

CAS viewed as a set of services to generate and validate Tickets.

This is the interface between a Web HTML, Web Services, RMI, or any other request processing layer and the CAS Service viewed as a mechanism to generate, store, validate, and retrieve Tickets containing Authentication information. The features of the request processing layer (the HttpXXX Servlet objects) are not visible here or in any modules behind this layer. In theory, a standalone application could call these methods directly as a private authentication service.

Since:
3.0

This is a published and supported CAS Server 3 API.

Version:
$Revision: 42053 $ $Date: 2007-06-10 09:17:55 -0400 (Sun, 10 Jun 2007) $
Author:
William G. Thompson, Jr., Dmitry Kopylenko, Scott Battaglia

Method Summary
 java.lang.String createTicketGrantingTicket(Credentials credentials)
          Create a TicketGrantingTicket based on opaque credentials supplied by the caller.
 java.lang.String delegateTicketGrantingTicket(java.lang.String serviceTicketId, Credentials credentials)
          Delegate a TicketGrantingTicket to a Service for proxying authentication to other Services.
 void destroyTicketGrantingTicket(java.lang.String ticketGrantingTicketId)
          Destroy a TicketGrantingTicket.
 java.lang.String grantServiceTicket(java.lang.String ticketGrantingTicketId, Service service)
          Grant a ServiceTicket for a Service.
 java.lang.String grantServiceTicket(java.lang.String ticketGrantingTicketId, Service service, Credentials credentials)
          Grant a ServiceTicket for a Service *if* the principal resolved from the credentials matches the principal associated with the TicketGrantingTicket.
 Assertion validateServiceTicket(java.lang.String serviceTicketId, Service service)
          Validate a ServiceTicket for a particular Service.
 

Method Detail

createTicketGrantingTicket

java.lang.String createTicketGrantingTicket(Credentials credentials)
                                            throws TicketException
Create a TicketGrantingTicket based on opaque credentials supplied by the caller.

Parameters:
credentials - The credentials to create the ticket for
Returns:
The String identifier of the ticket (may not be null).
Throws:
TicketException - if ticket cannot be created

grantServiceTicket

java.lang.String grantServiceTicket(java.lang.String ticketGrantingTicketId,
                                    Service service)
                                    throws TicketException
Grant a ServiceTicket for a Service.

Parameters:
ticketGrantingTicketId - Proof of prior authentication.
service - The target service of the ServiceTicket.
Returns:
the ServiceTicket for target Service.
Throws:
TicketException - if the ticket could not be created.

grantServiceTicket

java.lang.String grantServiceTicket(java.lang.String ticketGrantingTicketId,
                                    Service service,
                                    Credentials credentials)
                                    throws TicketException
Grant a ServiceTicket for a Service *if* the principal resolved from the credentials matches the principal associated with the TicketGrantingTicket.

Parameters:
ticketGrantingTicketId - Proof of prior authentication.
service - The target service of the ServiceTicket.
credentials - the Credentials to present to receive the ServiceTicket
Returns:
the ServiceTicket for target Service.
Throws:
TicketException - if the ticket could not be created.

validateServiceTicket

Assertion validateServiceTicket(java.lang.String serviceTicketId,
                                Service service)
                                throws TicketException
Validate a ServiceTicket for a particular Service.

Parameters:
serviceTicketId - Proof of prior authentication.
service - Service wishing to validate a prior authentication.
Returns:
ServiceTicket if valid for the service
Throws:
TicketException - if there was an error validating the ticket.

destroyTicketGrantingTicket

void destroyTicketGrantingTicket(java.lang.String ticketGrantingTicketId)
Destroy a TicketGrantingTicket. This has the effect of invalidating any Ticket that was derived from the TicketGrantingTicket being destroyed.

Parameters:
ticketGrantingTicketId - the id of the ticket we want to destroy

delegateTicketGrantingTicket

java.lang.String delegateTicketGrantingTicket(java.lang.String serviceTicketId,
                                              Credentials credentials)
                                              throws TicketException
Delegate a TicketGrantingTicket to a Service for proxying authentication to other Services.

Parameters:
serviceTicketId - The service ticket that will delegate to a TicketGrantingTicket
credentials - The credentials of the service that wishes to have a TicketGrantingTicket delegated to it.
Returns:
TicketGrantingTicket that can grant ServiceTickets that proxy authentication.
Throws:
TicketException - if there was an error creating the ticket
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2010 Java Architectures Special Interest Group. All Rights Reserved.