All Classes and Interfaces
Class
Description
Abstract base class for credential callbacks.
An implementation of
Attributes aggregating multiple instances.A callback to authorize anonymous authentication.
A collection of string attributes.
The entry collection for a mapping.
The entry collection for a mapping whose values are a distinct set.
An optional callback indicating the success or failure of the authentication operation.
A
Callback to inform a server authentication context of configured mechanism properties.An exception indicating that an identity authorization check has failed.
A general authorization exception.
An exception indicating that an authorization check failed for reasons not related to the actual authorization of
the identity.
A realm's authorization identity.
A callback used to query a server participant for the names of realms that it is prepared to offer.
Represents a cached identity, managed by an
IdentityCache.A callback that is capable of perform authorization based on the identities managed by an
IdentityCache.Helper utility methods for callback handlers.
The permission to change a role mapper category on a security identity.
A callback used to establish the channel binding for a security mechanism which supports it.
A callback used to acquire credentials.
A source for credentials.
A callback to inform the callback handler of a credential change.
Log messages and exceptions for Elytron.
A server-side
Callback to pass the decoded evidence principal from the callback handler
to the authentication mechanism.A decoder for extracting a principal from evidence.
A
Callback for use where credential verification is required.A variation on
NameCallback which allows exclusive access to the backing identity to be requested.A callback which provides extended information about its usage.
A variation on
ChoiceCallback which supports the extended callback interface.A version of
UnsupportedCallbackException which does not initialize a full stack trace, and thus is much
more efficient to construct.A flexible identity association which can have its current identity modified.
An identity cache is responsible to provide a specific caching strategy for identities.
A callback to inform a server authentication mechanism of a credential which may be cached on the authentication
identity (if any).
The public or private credentials retained by an identity, which can be used for authentication forwarding.
Establish whether the current identity has permission to complete an authentication ("log in").
A
RealmIdentityCache implementation providing a LRU cache.A map-backed attributes collection.
A simple mapping role mapper.
A builder for map backed role mappers.
A generalized mechanism factory which authenticates against a security domain.
A builder for a
MechanismAuthenticationFactory.A configuration that applies to an authentication mechanism.
A builder for authentication mechanism configuration.
A selector to choose which
MechanismConfiguration to use based on information know about the current authentication
attempt.Information about the current mechanism being used for authentication.
A
Callback to pass the information about the current mechanism to the CallbackHandler.A configuration for a single mechanism realm.
A builder for mechanism realm configuration.
A realm identity which is modifiable.
An iterator over realm identities.
A realm which can be modified.
A name rewriter.
A
NameCallback which is optional, for mechanisms that can accept a name from the server.A callback used to acquire parameter specifications, either for outbound or inbound authentication.
A callback used when a password reset is required.
An optional callback to inform the callback handler of the peer's principal identity.
An entity to which permissions can be mapped.
A permission mapper is responsible to enable permission mapping to a
SecurityDomain
in order to obtain and check permissions based on an previously authorized identity and any other authorization information (eg.: roles)
associated with it.An authorization callback similar to javase
AuthorizeCallback
but using a generic principal.A decoder for extracting a simple name from a principal.
An event indicating that authentication was abandoned before it could complete.
A realm authentication event.
A realm authorization event.
An authentication event with a definite outcome.
An event which is potentially relevant to a realm.
A class which provides an easy way to handle realm events based on the type of the event.
A realm event signifying a failed authentication.
A representation of a pre-authentication identity.
An event indicating that one identity attempted to authorize as another identity.
Provides a mechanism to plug a cache for
RealmIdentity instances obtained from a SecurityRealm.An event indicating that one identity attempted to authorize as another identity.
An event indicating that one identity attempted to authorize as another identity.
A realm mapper.
A realm event signifying authentication success.
An exception to indicate a general underlying failure of the realm.
A pattern role mapper.
Construct a new
RegexRoleMapper.Builder for creating the RegexRoleMapper.A
Callback to inform a server authentication context about current authentication request.A security audit event indicating that a log with RFC 3164 syslog format is occurring
A security audit event indicating that a log with RFC 3164 syslog format is occurring
A decoder to extract role information from an identity's attributes.
A role mapper is responsible for mapping roles based on their raw form.
A collection of roles.
The permission to run as another principal within some security domain.
An identity configuration which can be applied on a scoped basis.
A security authentication event.
An event to represent a failed authentication.
An event to represent a successful authentication.
A
SecurityEvent that has a definite outcome of being successful or not.A security domain.
A builder for creating new security domains.
A builder for a realm within a security domain.
Base class for security events emitted from a
SecurityDomain.An abstract class to be extended by visitor implementations for handling SecurityEvents.
A loaded and authenticated security identity.
A server-side callback used to pass a realm identity from the callback handler to the authentication mechanism.
A callback which indicates that the corresponding security layer (SASL client, SASL server, etc.) has been disposed
and any related resources may be relinquished.
A security event relating to a permission check.
An event to represent a failed permission check.
An event to represent a successful permission check.
A single authentication realm.
A security event signifying unavailable realm.
Server-side authentication context.
A callback used to acquire the server (or "host") credential.
An implementation of
Attributes.Entry which can be used by implementations of Attributes.A simple
PermissionMapper implementation that maps to pre-defined PermissionVerifier instances.A builder for simple permission mappers.
Mode defining behaviour when multiple mappings are found.
An optional callback which is used to inform the callback handler of the endpoint addresses of a connection being
authenticated.
Endpoint disposition kinds.
A callback handler which delegates to another callback handler, passing the local and/or peer socket address to that
callback handler on its first invocation.
A decoder to obtain role information using the source IP address runtime attribute from the identity.
A callback which provides information to the callback handler about the established SSLSession.
An SSL connection of some sort.
An abstract class to be extended by specific syslog audit events to be handled.
Utilities for handling the "tls-server-end-point" channel binding strategy used by various types
of authentication mechanisms.
An optional callback used to retrieve information about trusted certificate authorities
for authenticating peers.