org.jboss.security.srp
Interface SRPVerifierStore
- All Known Implementing Classes:
- PropertiesVerifierStore (src) , SerialObjectStore (src)
- public interface SRPVerifierStore
An interface describing the requirements of a password verifier store.
This is an abstraction that allows the information
needed by the server to be plugged in from various sources. E.g., LDAP
servers, databases, files, etc.
getUserVerifier
public SRPVerifierStore.VerifierInfo (src) getUserVerifier(java.lang.String username)
throws java.security.KeyException,
java.io.IOException
- Get the indicated user's password verifier information.
- Throws:
java.security.KeyException
java.io.IOException
setUserVerifier
public void setUserVerifier(java.lang.String username,
SRPVerifierStore.VerifierInfo (src) info)
throws java.io.IOException
- Set the indicated users' password verifier information. This is equivalent
to changing a user's password and should generally invalidate any existing
SRP sessions and caches.
- Throws:
java.io.IOException
verifyUserChallenge
public void verifyUserChallenge(java.lang.String username,
java.lang.Object auxChallenge)
throws java.lang.SecurityException
- Verify an optional auxillary challenge sent from the client to the server. The
auxChallenge object will have been decrypted if it was sent encrypted from the
client. An example of a auxillary challenge would be the validation of a hardware
token (SafeWord, SecureID, iButton) that the server validates to further strengthen
the SRP password exchange.
- Throws:
java.lang.SecurityException