com.ibm.as400.security.auth

Interface ProfileTokenImpl

  • All Known Implementing Classes:
    ProfileTokenImplNative


    public interface ProfileTokenImpl
    The ProfileTokenImpl interface provides the template for classes implementing behavior delegated by a ProfileTokenCredential.
    • Field Summary

      Fields 
      Modifier and Type Field and Description
      static java.lang.String PW_STR_NOPWD
      String constant for *NOPWD special value. 10 character blank padded
      static java.lang.String PW_STR_NOPWDCHK
      String constant for *NOPWDCHK special value. 10 character blank padded
    • Method Summary

      Methods 
      Modifier and Type Method and Description
      void destroy()
      Destroy or clear sensitive information maintained by the credential implementation.
      byte[] generateToken(java.lang.String uid, int pwdSpecialValue, int type, int timeoutInterval)
      Generates and returns a new profile token based on the provided information using a password special value.
      byte[] generateToken(java.lang.String uid, java.lang.String pwd, int type, int timeoutInterval)
      Deprecated. 
      As of V5R3, replaced by #generateTokenExtended(String,String,int,int) for password strings and generateToken(String,int,int,int) for password special values
      byte[] generateTokenExtended(java.lang.String uid, char[] pwd, int type, int timeoutInterval)
      Generates and returns a new profile token based on the provided information using a password string.
      int getTimeToExpiration()
      Returns the number of seconds before the credential is due to expire.
      int getVersion()
      Returns the version number for the implementation.
      boolean isCurrent()
      Indicates if the credential is still considered valid for authenticating to associated system services or performing related actions.
      void refresh()
      Updates or extends the validity period for the credential.
      byte[] refresh(int type, int timeoutInterval)
      Updates or extends the validity period for the credential.
      void setCredential(AS400Credential credential)
      Sets the credential delegating behavior to the implementation object.
      AS400Credential swap(boolean genRtnCr)
      Attempts to swap the thread identity based on this credential.
    • Field Detail

      • PW_STR_NOPWD

        static final java.lang.String PW_STR_NOPWD
        String constant for *NOPWD special value. 10 character blank padded
        See Also:
        Constant Field Values
      • PW_STR_NOPWDCHK

        static final java.lang.String PW_STR_NOPWDCHK
        String constant for *NOPWDCHK special value. 10 character blank padded
        See Also:
        Constant Field Values
    • Method Detail

      • generateToken

        byte[] generateToken(java.lang.String uid,
                           java.lang.String pwd,
                           int type,
                           int timeoutInterval)
                             throws RetrieveFailedException
        Deprecated. As of V5R3, replaced by #generateTokenExtended(String,String,int,int) for password strings and generateToken(String,int,int,int) for password special values
        Generates and returns a new profile token based on the provided information.
        Parameters:
        uid - The name of the user profile for which the token is to be generated.
        pwd - The user profile password (encoded).
        type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:
        • TYPE_SINGLE_USE
        • TYPE_MULTIPLE_USE_NON_RENEWABLE
        • TYPE_MULTIPLE_USE_RENEWABLE

        timeoutInterval - The number of seconds to expiration.
        Returns:
        The token bytes.
        Throws:
        RetrieveFailedException - If errors occur while generating the token.
      • generateToken

        byte[] generateToken(java.lang.String uid,
                           int pwdSpecialValue,
                           int type,
                           int timeoutInterval)
                             throws RetrieveFailedException
        Generates and returns a new profile token based on the provided information using a password special value.
        Parameters:
        uid - The name of the user profile for which the token is to be generated.
        pwdSpecialValue - A password special value. Possible types are defined as fields on the ProfileTokenCredential class:
        • PW_NOPWD
        • PW_NOPWDCHK

        type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:
        • TYPE_SINGLE_USE
        • TYPE_MULTIPLE_USE_NON_RENEWABLE
        • TYPE_MULTIPLE_USE_RENEWABLE

        timeoutInterval - The number of seconds to expiration.
        Returns:
        The token bytes.
        Throws:
        RetrieveFailedException - If errors occur while generating the token.
      • generateTokenExtended

        byte[] generateTokenExtended(java.lang.String uid,
                                   char[] pwd,
                                   int type,
                                   int timeoutInterval)
                                     throws RetrieveFailedException
        Generates and returns a new profile token based on the provided information using a password string.
        Parameters:
        uid - The name of the user profile for which the token is to be generated.
        pwd - The user profile password (encoded). Special values are not supported by this method.
        type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:
        • TYPE_SINGLE_USE
        • TYPE_MULTIPLE_USE_NON_RENEWABLE
        • TYPE_MULTIPLE_USE_RENEWABLE

        timeoutInterval - The number of seconds to expiration.
        Returns:
        The token bytes.
        Throws:
        RetrieveFailedException - If errors occur while generating the token.
      • refresh

        byte[] refresh(int type,
                     int timeoutInterval)
                       throws RefreshFailedException
        Updates or extends the validity period for the credential.

        Generates a new profile token based on the previously established token with the given type and timeoutInterval.

        This method is provided to handle cases where it is desirable to allow for a more restrictive type of token or a different timeout interval when a new token is generated during the refresh.

        Parameters:
        type - The type of token. Possible types are defined as fields on this class:
        • TYPE_SINGLE_USE
        • TYPE_MULTIPLE_USE_NON_RENEWABLE
        • TYPE_MULTIPLE_USE_RENEWABLE

        timeoutInterval - The number of seconds before expiration.
        Returns:
        The new token.
        Throws:
        RefreshFailedException - If errors occur during refresh.
      • destroy

        void destroy()
                     throws DestroyFailedException
        Destroy or clear sensitive information maintained by the credential implementation.

        Subsequent requests may result in a NullPointerException.

        Throws:
        DestroyFailedException - If errors occur while destroying or clearing credential implementation data.
      • getTimeToExpiration

        int getTimeToExpiration()
                                throws RetrieveFailedException
        Returns the number of seconds before the credential is due to expire.
        Returns:
        The number of seconds before expiration; zero (0) if already expired.
        Throws:
        RetrieveFailedException - If errors occur while retrieving timeout information.
      • getVersion

        int getVersion()
        Returns the version number for the implementation.

        Used to ensure the implementation is valid for specific functions.

        Returns:
        The version number.
      • isCurrent

        boolean isCurrent()
        Indicates if the credential is still considered valid for authenticating to associated system services or performing related actions.

        An exception is not thrown on failure to remain consistent with the Refreshable interface (even though some credential classes currently avoid the dependency established by implementing the interface).

        Returns:
        true if valid; false if not valid or if the operation fails.
      • setCredential

        void setCredential(AS400Credential credential)
        Sets the credential delegating behavior to the implementation object.
        Parameters:
        credential - The associated credential.
      • swap

        AS400Credential swap(boolean genRtnCr)
                             throws SwapFailedException
        Attempts to swap the thread identity based on this credential.
        Parameters:
        genRtnCr - Indicates whether a return credential should be generated, even if supported. When appropriate, not generating a return credential can improve performance and avoid potential problems in creating the credential.
        Returns:
        A credential capable of swapping back to the original identity; classes not supporting this capability will return null. This value will also be null if genRtnCr is false.
        Throws:
        SwapFailedException - If errors occur while swapping thread identity.
        java.lang.SecurityException - If the caller does not have permission to modify the OS thread identity.