Authentication and Authorization service interfaces and classes. There are three components:
- Authentication. Authentication is the process of verifying a user. Custom authentication implementations can be created by extending the
- Authorization. Authorization is the process of allowing an authenticated identity to choose a username. Default authorization will authorize an authenticated username to the same username only. Custom authorization implementations can be created by extending the
- Authorization Mapping. Mapping occurs when the client did not request any specific username. This provides a method of giving a default username in these situations. Custom authorization mappings can be created by extending the
Interface Summary Interface Description AuthorizationMappingThis is the interface the used to provide default defualt authorization ID's when none was selected by the client. AuthorizationPolicyThis is the interface the AuthorizationManager uses to conduct authorizations. AuthProviderProvider interface for authentication. AuthProviderMapperImplementations are used to determine what AuthProvider is to be used for a particular username.
Class Summary Class Description AuthFactoryPluggable authentication service. AuthorizationBasedAuthProviderMapperA
AuthProviderMapperthat can be used to draw administrative users from another source than the regular, non- administrative users.
AuthorizationManagerManages the AuthorizationProvider objects. AuthTokenA token that proves that a user has successfully authenticated. AuthToken.OneTimeAuthTokenA token that proves that a user uses an one time access token. DefaultAuthorizationMappingThis is the interface the used to provide default default authorization ID's when none was selected by the client. DefaultAuthorizationPolicyDifferent clients perform authentication differently, so this policy will authorize any principal to a requested user that match specific conditions that are considered secure defaults for most installations. DefaultAuthProviderDefault AuthProvider implementation. HybridAuthProviderThe hybrid auth provider allows up to three AuthProvider implementations to be strung together to do chained authentication checking. JDBCAuthProviderThe JDBC auth provider allows you to authenticate users against any database that you can connect to with JDBC. MappedAuthProviderA
AuthProviderthat delegates to a user-specific AuthProvider.
NativeAuthProviderAuthenticates using the native operating system authentication method. POP3AuthProviderAn AuthProvider that authenticates using a POP3 server. PropertyBasedAuthProviderMapperA
AuthProviderMapperthat can be used to draw some users from another source than the other users.
ScramUtilsA utility class that provides methods that are useful for dealing with Salted Challenge Response Authentication Mechanism (SCRAM).
Enum Summary Enum Description JDBCAuthProvider.PasswordTypeIndicates how the password is stored.
Exception Summary Exception Description ConnectionExceptionThrown when Openfire is not able to connect to the user and group system. InternalUnauthenticatedExceptionThrown when Openfire is not able to authenticate itself into the user and group system. UnauthenticatedExceptionThrown if a user does not have permission to access a particular method. UnauthorizedExceptionThrown if a user does not have permission to access a particular method.