com.ibm.portal.portlet.service.credentialvault.credentials
Interface Credential
- All Known Subinterfaces:
- ActiveCredential, BinaryCredential, BinaryPassiveCredential, HttpBasicAuthCredential, HttpFormBasedAuthCredential, JaasSubjectCredential, JaasSubjectPassiveCredential, JavaMailCredential, LtpaTokenCredential, PassiveCredential, SimplePassiveCredential, SiteMinderTokenCredential, SSMTokenCredential, UserPasswordCredential, UserPasswordPassiveCredential, WebSealTokenCredential
- All Known Implementing Classes:
- ActiveCredential, BinaryCredential, BinaryPassiveCredential, Credential, HttpBasicAuthCredential, HttpFormBasedAuthCredential, JaasSubjectCredential, JaasSubjectPassiveCredential, JavaMailCredential, LtpaTokenCredential, PassiveCredential, SimplePassiveCredential, SiteMinderTokenCredential, SSMTokenCredential, UserPasswordCredential, UserPasswordPassiveCredential, WebSealTokenCredential
public interface Credential
Base interface class for all credential classes.
The different terms need to be distinguished when talking of (active) credentials:
- A Credential Type is an implementation of an abstract credential class that has
authentication methods specialized to perform a certain kind of authentication (e.g. form-based web authentication).
Credential Types will be defined and delivered by the portal framework. They are registered in a credential registry and can be retrieved through
a method on the
CredentialVaultService
.
- A Credential Instance is an Credential Type that has been configured to work with one specific backend (application),
or simply spoken:
Credential Instance = Credential Type + configuration data
(e.g. the mycompany-webmail-credential is a form-based web authentication credential plus information about the postURL,
userid attribute name and password attribute name).
- A Concrete Credential Object is a Java object of a Credential Instance of the kind that is passed between
vault (service) and portlet. This credential object is user specific as it carries the user secret with it.
Note: All concrete subclasses must provide a no-argument constructor. The credentials are initialized
by the init
method.
- Since:
- 5.1.0.1
Field Summary |
static java.lang.String |
KEY_CREDENTIAL_SECRET
Key for the map provided in the init() method: The credential's secret - e.g. |
Method Summary |
int |
getSecretType()
Returns the credential's Secret Type in terms of the constants declared in
the Credential Vault Portlet Service.
Should be overwritten by any child class that "overwrites" the secret attribute. |
void |
init(java.util.Map<java.lang.String,java.lang.Object> config)
Initializes the credential with the specified configuration. |
boolean |
isActive()
Deprecated. Since 8.5. |
KEY_CREDENTIAL_SECRET
static final java.lang.String KEY_CREDENTIAL_SECRET
- Key for the map provided in the init() method: The credential's secret - e.g. BinaryCredentialSecret
- See Also:
- Constant Field Values
init
void init(java.util.Map<java.lang.String,java.lang.Object> config)
throws CredentialVaultException
- Initializes the credential with the specified configuration.
Subclasses need to override this method to retrieve the necessary configuration information (e.g. the secret)
- Parameters:
config
- Configuration data that is needed to initialize the credential.
What parameters are needed is specific to the actual credential type.
Generally, this data is collected from three different sources:
- The credential's client (usually the portlet) specifies backend application specific parameters (like e.g. 'login url')
- The portal's credential configuration store delivers credential slot specific parameters
- The actual credential store contributes the credential secret
- Throws:
CredentialVaultException
- If any mandatory parameter is missing or has a wrong object type as value.
getSecretType
int getSecretType()
- Returns the credential's Secret Type in terms of the constants declared in
the Credential Vault Portlet Service.
Should be overwritten by any child class that "overwrites" the secret attribute.
- Returns:
- int
Credential Secret Type Identifier
- See Also:
CredentialVaultService
isActive
boolean isActive()
- Deprecated. Since 8.5.
- Returns whether a credential is active or passive.
Should be overwritten by any implementing classes.
- Returns:
- boolean
true
if credential is active, false
otherwise - See Also:
ActiveCredential
,
PassiveCredential