com.ibm.as400.security.auth
Interface ProfileTokenImpl

All Superinterfaces:
com.ibm.as400.security.auth.AS400CredentialImpl
All Known Implementing Classes:
ProfileTokenImplNative

public interface ProfileTokenImpl
extends com.ibm.as400.security.auth.AS400CredentialImpl

The ProfileTokenImpl interface provides the template for classes implementing behavior delegated by a ProfileTokenCredential.


Field Summary
static String PW_STR_NOPWD
          String constant for *NOPWD special value. 10 character blank padded
static String PW_STR_NOPWDCHK
          String constant for *NOPWDCHK special value. 10 character blank padded
 
Method Summary
 void destroy()
          Destroy or clear sensitive information maintained by the credential implementation.
 byte[] generateToken(String uid, int pwdSpecialValue, int type, int timeoutInterval)
          Generates and returns a new profile token based on the provided information using a password special value.
 byte[] generateToken(String uid, String pwd, int type, int timeoutInterval)
          Deprecated. As of V5R3, replaced by generateTokenExtended(String,String,int,int) for password strings and generateToken(String,int,int,int) for password special values
 byte[] generateTokenExtended(String uid, String pwd, int type, int timeoutInterval)
          Generates and returns a new profile token based on the provided information using a password string.
 int getTimeToExpiration()
          Returns the number of seconds before the credential is due to expire.
 int getVersion()
          Returns the version number for the implementation.
 boolean isCurrent()
          Indicates if the credential is still considered valid for authenticating to associated system services or performing related actions.
 void refresh()
          Updates or extends the validity period for the credential.
 byte[] refresh(int type, int timeoutInterval)
          Updates or extends the validity period for the credential.
 void setCredential(AS400Credential credential)
          Sets the credential delegating behavior to the implementation object.
 AS400Credential swap(boolean genRtnCr)
          Attempts to swap the thread identity based on this credential.
 

Field Detail

PW_STR_NOPWD

public static final String PW_STR_NOPWD
String constant for *NOPWD special value. 10 character blank padded

See Also:
Constant Field Values

PW_STR_NOPWDCHK

public static final String PW_STR_NOPWDCHK
String constant for *NOPWDCHK special value. 10 character blank padded

See Also:
Constant Field Values
Method Detail

generateToken

public byte[] generateToken(String uid,
                            String pwd,
                            int type,
                            int timeoutInterval)
                     throws RetrieveFailedException
Deprecated. As of V5R3, replaced by generateTokenExtended(String,String,int,int) for password strings and generateToken(String,int,int,int) for password special values

Generates and returns a new profile token based on the provided information.

Parameters:
uid - The name of the user profile for which the token is to be generated.
pwd - The user profile password (encoded).
type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:
  • TYPE_SINGLE_USE
  • TYPE_MULTIPLE_USE_NON_RENEWABLE
  • TYPE_MULTIPLE_USE_RENEWABLE

timeoutInterval - The number of seconds to expiration.
Returns:
The token bytes.
Throws:
RetrieveFailedException - If errors occur while generating the token.

generateToken

public byte[] generateToken(String uid,
                            int pwdSpecialValue,
                            int type,
                            int timeoutInterval)
                     throws RetrieveFailedException
Generates and returns a new profile token based on the provided information using a password special value.

Parameters:
uid - The name of the user profile for which the token is to be generated.
pwdSpecialValue - A password special value. Possible types are defined as fields on the ProfileTokenCredential class:
  • PW_NOPWD
  • PW_NOPWDCHK

type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:
  • TYPE_SINGLE_USE
  • TYPE_MULTIPLE_USE_NON_RENEWABLE
  • TYPE_MULTIPLE_USE_RENEWABLE

timeoutInterval - The number of seconds to expiration.
Returns:
The token bytes.
Throws:
RetrieveFailedException - If errors occur while generating the token.

generateTokenExtended

public byte[] generateTokenExtended(String uid,
                                    String pwd,
                                    int type,
                                    int timeoutInterval)
                             throws RetrieveFailedException
Generates and returns a new profile token based on the provided information using a password string.

Parameters:
uid - The name of the user profile for which the token is to be generated.
pwd - The user profile password (encoded). Special values are not supported by this method.
type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:
  • TYPE_SINGLE_USE
  • TYPE_MULTIPLE_USE_NON_RENEWABLE
  • TYPE_MULTIPLE_USE_RENEWABLE

timeoutInterval - The number of seconds to expiration.
Returns:
The token bytes.
Throws:
RetrieveFailedException - If errors occur while generating the token.

refresh

public byte[] refresh(int type,
                      int timeoutInterval)
               throws RefreshFailedException
Updates or extends the validity period for the credential.

Generates a new profile token based on the previously established token with the given type and timeoutInterval.

This method is provided to handle cases where it is desirable to allow for a more restrictive type of token or a different timeout interval when a new token is generated during the refresh.

Parameters:
type - The type of token. Possible types are defined as fields on this class:
  • TYPE_SINGLE_USE
  • TYPE_MULTIPLE_USE_NON_RENEWABLE
  • TYPE_MULTIPLE_USE_RENEWABLE

timeoutInterval - The number of seconds before expiration.
Returns:
The new token.
Throws:
RefreshFailedException - If errors occur during refresh.

destroy

public void destroy()
             throws DestroyFailedException
Destroy or clear sensitive information maintained by the credential implementation.

Subsequent requests may result in a NullPointerException.

Throws:
DestroyFailedException - If errors occur while destroying or clearing credential implementation data.

getTimeToExpiration

public int getTimeToExpiration()
                        throws RetrieveFailedException
Returns the number of seconds before the credential is due to expire.

Returns:
The number of seconds before expiration; zero (0) if already expired.
Throws:
RetrieveFailedException - If errors occur while retrieving timeout information.

getVersion

public int getVersion()
Returns the version number for the implementation.

Used to ensure the implementation is valid for specific functions.

Returns:
The version number.

isCurrent

public boolean isCurrent()
Indicates if the credential is still considered valid for authenticating to associated system services or performing related actions.

An exception is not thrown on failure to remain consistent with the Refreshable interface (even though some credential classes currently avoid the dependency established by implementing the interface).

Returns:
true if valid; false if not valid or if the operation fails.

refresh

public void refresh()
             throws RefreshFailedException
Updates or extends the validity period for the credential.

Throws:
RefreshFailedException - If errors occur during refresh.

setCredential

public void setCredential(AS400Credential credential)
Sets the credential delegating behavior to the implementation object.

Parameters:
credential - The associated credential.

swap

public AS400Credential swap(boolean genRtnCr)
                     throws SwapFailedException
Attempts to swap the thread identity based on this credential.

Parameters:
genRtnCr - Indicates whether a return credential should be generated, even if supported. When appropriate, not generating a return credential can improve performance and avoid potential problems in creating the credential.
Returns:
A credential capable of swapping back to the original identity; classes not supporting this capability will return null. This value will also be null if genRtnCr is false.
Throws:
SwapFailedException - If errors occur while swapping thread identity.
SecurityException - If the caller does not have permission to modify the OS thread identity.