Package org.jivesoftware.openfire.auth
Authentication and Authorization service interfaces and classes. There are three components:
- Authentication. Authentication is the process of verifying a user. Custom authentication implementations can be created by extending the
AuthProvider
interface. - Authorization. Authorization is the process of allowing an authenticated identity to choose a username. Default authorization will authorize an authenticated username to the same username only. Custom authorization implementations can be created by extending the
AuthorizationPolicy
interface. - Authorization Mapping. Mapping occurs when the client did not request any specific username. This provides a method of giving a default username in these situations. Custom authorization mappings can be created by extending the
AuthorizationMapping
interface.
-
Interface Summary Interface Description AuthorizationMapping This is the interface the used to provide default authorization identity when none was selected by the client.AuthorizationPolicy This is the interface the AuthorizationManager uses to conduct authorizations.AuthProvider Provider interface for authentication.AuthProviderMapper Implementations are used to determine what AuthProvider is to be used for a particular username. -
Class Summary Class Description AuthFactory Pluggable authentication service.AuthorizationBasedAuthProviderMapper AAuthProviderMapper
that can be used to draw administrative users from another source than the regular, non- administrative users.AuthorizationManager Manages the AuthorizationProvider objects.AuthToken A token that proves that a user has successfully authenticated.AuthToken.OneTimeAuthToken A token that proves that a user uses a one time access token.DefaultAuthorizationMapping The default implementation that defines the default authorization identity to be used, when none was selected by the client.DefaultAuthorizationPolicy Different clients perform authentication differently, so this policy will authorize any authentication identity, or 'principal' (identity whose password will be used) to a requested authorization identity (identity to act as) that match specific conditions that are considered secure defaults for most installations.DefaultAuthProvider Default AuthProvider implementation.HybridAuthProvider The hybrid auth provider allows up to three AuthProvider implementations to be strung together to do chained authentication checking.JDBCAuthProvider The JDBC auth provider allows you to authenticate users against any database that you can connect to with JDBC.MappedAuthProvider AAuthProvider
that delegates to a user-specific AuthProvider.NativeAuthProvider Authenticates using the native operating system authentication method.POP3AuthProvider An AuthProvider that authenticates using a POP3 server.PropertyBasedAuthProviderMapper AAuthProviderMapper
that can be used to draw some users from another source than the other users.ScramUtils A utility class that provides methods that are useful for dealing with Salted Challenge Response Authentication Mechanism (SCRAM). -
Enum Summary Enum Description JDBCAuthProvider.PasswordType Indicates how the password is stored. -
Exception Summary Exception Description ConnectionException Thrown when Openfire is not able to connect to the user and group system.InternalUnauthenticatedException Thrown when Openfire is not able to authenticate itself into the user and group system.UnauthenticatedException Thrown if a user does not have permission to access a particular method.UnauthorizedException Thrown if a user does not have permission to access a particular method.