com.sun.im.provider
Interface SSOProvider


public interface SSOProvider

An SSO provider lets the IM server take advantage of a single-sign-on service. It is invoked by the server to validate session ids passed in password fields.


Method Summary
 void close()
          release resources used by the provider
 void open()
          initializes the authentication provider
 boolean refresh(java.lang.String uid)
          refresh the session associated with this user id so that it does not time out.
 boolean verify(java.lang.String uid, java.lang.String token, java.util.Map attributes, java.util.Set attributeNames)
          Validates that a session identifier is valid and belongs to the correct user, and if so fills an map of attributes with their values.
 

Method Detail

verify

public boolean verify(java.lang.String uid,
                      java.lang.String token,
                      java.util.Map attributes,
                      java.util.Set attributeNames)
Validates that a session identifier is valid and belongs to the correct user, and if so fills an map of attributes with their values. The attribute values must be either Collection or String objects. If an attribute is missing, the value provided in the map by the caller should be unchanged.

Parameters:
uid - username
token - string provided as user password. It may not be an actual user password, but a string based session id. When it is the case, this method extracts the session id and verifies that the pair user id + session id is a valid one
attributes - returned map containing attribute/value bindings for the user if authentication succeeded.
attributeNames - set of user attributes to retrieve from the user database. Note that the provider may retrieve more attributes.
Returns:
true if the session ID is valid, false otherwise

refresh

public boolean refresh(java.lang.String uid)
refresh the session associated with this user id so that it does not time out. This applies for systems that time out sessions when no new activity is observed during a given period of time. IM requests causing the session the session to be refreshed include new message new conference, save properties, subscribe.

Parameters:
uid - id of session owner
Returns:
true if the session could be refreshed. if false is returned the connection to the IM server is terminated.

open

public void open()
          throws java.lang.Exception
initializes the authentication provider

Throws:
java.lang.Exception - the authentication provider failed to initialized. It will not be used from this point on.

close

public void close()
release resources used by the provider