net.jini.core.constraint

Class ClientAuthentication

java.lang.Object

net.jini.core.constraint.ClientAuthentication

All Implemented Interfaces:

Serializable, InvocationConstraint

public final class ClientAuthentication
extends Object
implements InvocationConstraint, Serializable

Represents a constraint on authentication of the client to the server.

Network authentication by a client (to a server) is scoped and controlled by the client's Subject. The client's subject is the current subject associated with the thread making the remote call. The subject for a thread normally is set using Subject.doAs, and is retrieved from a thread by calling Subject.getSubject with the thread's current access control context (given by calling AccessController.getContext).

A client can only authenticate itself in a remote call as some subset of the principals in its Subject, and only if that subject contains the necessary public and/or private credentials required for the authentication mechanism used by the proxy and server implementations. However, additional principals and credentials might be derived as a result of authentication. A client generally must have permission (such as AuthenticationPermission) to authenticate itself in a remote call.

In the server, the result of authenticating the client typically is represented by a subject containing the subset of authenticated client principals plus any derived principals, and the public credentials used during authentication plus any derived public credentials. This subject typically is used by the server for authorization (access control) decisions; in particular, it is used to decide if the client is permitted to make the remote call. This subject normally does not contain any private credentials, and so cannot be used for authentication in further remote calls, unless Delegation is used.

Serialization for this class is guaranteed to produce instances that are comparable with ==.

Since:

2.0

Author:

Sun Microsystems, Inc.

See Also:

ClientMaxPrincipal, ClientMaxPrincipalType, ClientMinPrincipal, ClientMinPrincipalType, Delegation, AuthenticationPermission, Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static ClientAuthentication	NO Do not authenticate the client to the server, so that the client remains anonymous.
static ClientAuthentication	YES Authenticate the client to the server.

Method Summary

Modifier and Type	Method and Description
String	toString() Returns a string representation of this object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

YES

public static final ClientAuthentication YES

Authenticate the client to the server. The mechanisms and credentials used to authenticate the client are not specified by this constraint.

NO

public static final ClientAuthentication NO

Do not authenticate the client to the server, so that the client remains anonymous.

Method Detail

toString

public String toString()

Returns a string representation of this object.

Overrides:

toString in class Object