OpenIdProviderSpi (Seam Security External Authentication Services 3.0.0.CR2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jboss.seam.security.external.spi
Interface OpenIdProviderSpi

public interface OpenIdProviderSpi

Interface that needs to be implemented by applications that want to act as an OpenID Provider. It is the counterpart of the OpenIdProviderApi. Most methods in this interface have a responseHolder parameter, which contains the HTTP response. This is a way of handing over the control over the browser to the application. The application is responsible for writing the response (either a normal HTML response, or an error, or a redirect). Typically, the application will redirect the user to a URL within the application.

Author:: Marcel Kolsteren

Method Summary
`void`	`authenticate(String realm, String userName, boolean immediate, ResponseHolder responseHolder)` This method is called after receipt of an authentication request from a relying party.
`void`	`fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes, ResponseHolder responseHolder)`
`boolean`	`userExists(String userName)` This method is called to check whether a username exists.

Method Detail

authenticate

void authenticate(String realm,
                  String userName,
                  boolean immediate,
                  ResponseHolder responseHolder)

This method is called after receipt of an authentication request from a relying party. Upon receipt of this call, the application should try to authenticate the user (either silently or interacting with the user). The result of the authentication needs to be reported back using the API calls OpenIdProviderApi.authenticationSucceeded(java.lang.String, javax.servlet.http.HttpServletResponse) or OpenIdProviderApi.authenticationFailed(javax.servlet.http.HttpServletResponse).

Parameters:: realm - represents the part of URL-space for which the authentication is valid; realms are designed to give the end user an indication of the scope of the authentication request; the application should present the realm when requesting the end user's approval for the authentication request; userName - this optional attribute indicates the end user that needs to be authenticated; if this parameter is null, the application needs to ask the use for her username; immediate - if this is true, there must be no interaction with the user (silent authentication); responseHolder -

userExists

boolean userExists(String userName)

This method is called to check whether a username exists.

Parameters:: userName - the username
Returns:: true if a user with that username exists, false otherwise

fetchParameters

void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes,
                     ResponseHolder responseHolder)