Interface AuthenticateOp

  • All Superinterfaces:
    SPIOperation

    public interface AuthenticateOp
    extends SPIOperation
    Authenticate an object based on their unique identifier and password.
    • Method Detail

      • authenticate

        Uid authenticate​(ObjectClass objectClass,
                         String username,
                         GuardedString password,
                         OperationOptions options)
        Simple authentication with two parameters presumed to be user name and password. The Connector developer is expected to attempt to authenticate these credentials natively. If the authentication fails the developer should throw a type of RuntimeException either IllegalArgumentException or if a native exception is available and if its of type RuntimeException simple throw it. If the native exception is not a RuntimeException wrap it in one and throw it. This will provide the most detail for logging problem and failed attempts.

        The developer is of course encourage to try and throw the most informative exception as possible. In that regards there are several exceptions provided in the exceptions package. For instance one of the most common is InvalidPasswordException.

        Parameters:
        objectClass - The object class to use for authenticate. Will typically be an account. Must not be null.
        username - the name based credential for authentication.
        password - the password based credential for authentication.
        options - additional options that impact the way this operation is run. If the caller passes null, the framework will convert this into an empty set of options, so SPI need not worry about this ever being null.
        Returns:
        Uid The uid of the account that was used to authenticate
        Throws:
        RuntimeException - if native authentication fails. If a native exception if available attempt to throw it.