001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: MessageAuthenticator.java,v 1.2 2008/06/25 05:50:11 qcheng Exp $
026 *
027 */
028
029
030package com.sun.identity.wss.security.handler;
031
032import javax.security.auth.Subject;
033
034import com.sun.identity.wss.security.SecurityMechanism;
035import com.sun.identity.wss.security.SecurityToken;
036import com.sun.identity.wss.security.SecurityException;
037import com.sun.identity.wss.provider.ProviderConfig;
038
039
/**
 * Pluggable authenticator that web services use to authenticate their
 * clients under one of several security mechanisms.
 *
 * <p>An implementation decides whether an inbound secured message is
 * accepted, so it should fail closed: every authentication failure is
 * reported by throwing {@code SecurityException}, never by returning a
 * value the caller might read as success.
 *
 * @supported.all.api
 */
public interface MessageAuthenticator {

    /**
     * Authenticates the web services client that sent a secured message.
     *
     * @param subject the JAAS subject that may be used during authentication.
     * @param securityMechanism the security mechanism used to authenticate
     *        the web services client.
     * @param securityToken the security token that is used.
     * @param config the provider configuration.
     * @param secureMessage the secure SOAP message. Its runtime type depends
     *        on the profile that provides message security:
     *        <ul>
     *        <li>WS-I profiles:
     *        <code>com.sun.identity.wss.security.handler.SecureSOAPMessage</code></li>
     *        <li>Liberty ID-WSF profiles:
     *        <code>com.sun.identity.liberty.ws.soapbinding.Message</code></li>
     *        </ul>
     *        The parameter is declared as {@code Object}, so an implementation
     *        should verify the type before casting and treat an unexpected
     *        type as an authentication failure.
     * @param isLiberty indicates that message security is provided by the
     *        Liberty security profiles; presumably this selects which of the
     *        two {@code secureMessage} types above applies (confirm against
     *        callers).
     * @return not described by the original documentation. NOTE(review): the
     *         meaning of the returned {@code Object}, and whether {@code null}
     *         is a permitted result, should be confirmed against callers and
     *         documented here.
     * @throws SecurityException if there is a failure in authentication. This
     *         is {@code com.sun.identity.wss.security.SecurityException} as
     *         imported by this file, not {@code java.lang.SecurityException}.
     */
    Object authenticate(Subject subject,
                        SecurityMechanism securityMechanism,
                        SecurityToken securityToken,
                        ProviderConfig config,
                        Object secureMessage,
                        boolean isLiberty)
            throws SecurityException;
}