org.csapi.jr.se.fw.fw_access.trust_and_security
Interface ClientAPILevelAuthentication

All Superinterfaces:
CsapiInterface, java.io.Serializable

public interface ClientAPILevelAuthentication
extends CsapiInterface

If the IpClientAPILevelAuthentication interface is implemented by a client, authenticate(), challenge(), abortAuthentication() and authenticationSucceeded() methods shall be implemented.


Method Summary
 void abortAuthentication()
          The framework uses this method to abort the authentication process where the client is authenticating the Framework.
 byte[] authenticate(byte[] challenge)
          Deprecated.  
 void authenticationSucceeded()
          The Framework uses this method to inform the client of the success of the authentication attempt.
 byte[] challenge(byte[] challenge)
          This method is used by the framework to authenticate the client.
 

Method Detail

authenticate

public byte[] authenticate(byte[] challenge)
Deprecated.  

This method is deprecated and replaced by challenge(). It shall only be used when the deprecated method initiateAuthentication() is used on the IpInitial interface instead of initiateAuthenticationWithVersion(). This method will be removed in a later release of the specification. This method is used by the framework to authenticate the client. The challenge will be encrypted using the mechanism prescribed by selectEncryptionMethod. The client must respond with the correct responses to the challenges presented by the framework. The number of exchanges is dependent on the policies of each side. The authentication of the client is deemed successful when the authenticationSucceeded method is invoked by the Framework. The invocation of this method may be interleaved with authenticate() calls by the client on the IpAPILevelAuthentication interface. The client shall respond immediately to authentication challenges from the Framework, and not wait until the Framework has responded to any challenge the client may issue. Returns : This is the response of the client application to the challenge of the framework in the current sequence. The response will be based on the challenge data, decrypted with the mechanism prescribed by selectEncryptionMethod().

Parameters:
challenge - The challenge presented by the framework to be responded to by the client. The challenge mechanism used will be in accordance with the IETF PPP Authentication Protocols - Challenge Handshake Authentication Protocol [RFC 1994, August1996]. The challenge will be encrypted with the mechanism prescribed by selectEncryptionMethod().

abortAuthentication

public void abortAuthentication()
The framework uses this method to abort the authentication process where the client is authenticating the Framework. This method is invoked if the framework wishes to abort the authentication process before it has been authenticated by the client, (unless the client responded incorrectly to a challenge in which case no further communication with the client should occur.) Calls to this method after the Framework has been authenticated by the client shall not result in an immediate removal of the Framework's authentication (the client may wish to authenticate the Framework again, however).


authenticationSucceeded

public void authenticationSucceeded()
The Framework uses this method to inform the client of the success of the authentication attempt. The client may invoke requestAccess on the Framework's APILevelAuthentication interface following invocation of this method.


challenge

public byte[] challenge(byte[] challenge)
This method is used by the framework to authenticate the client. The client must respond with the correct responses to the challenges presented by the framework. The number of exchanges is dependent on the policies of each side. The authentication of the client is deemed successful when the authenticationSucceeded method is invoked by the Framework. The invocation of this method may be interleaved with challenge() calls by the client on the IpAPILevelAuthentication interface. The client shall respond immediately to authentication challenges from the Framework, and not wait until the Framework has responded to any challenge the client may issue. This method shall only be used when the method initiateAuthenticationWithVersion() is used on the IpInitial interface. Returns : This is the response of the client application to the challenge of the framework in the current sequence. The formatting of this parameter shall be according to section 4.1 of RFC 1994. A complete CHAP Response packet shall be used to carry the response string. The Response packet shall make the contents of this returned parameter. The Name field of the CHAP Response packet shall be present but not contain any useful value.

Parameters:
challenge - The challenge presented by the framework to be responded to by the client. The challenge format used will be in accordance with the IETF PPP Authentication Protocols - Challenge Handshake Authentication Protocol (RFC 1994). The formatting of the challenge value shall be according to section 4.1 of RFC 1994. A complete CHAP Request packet shall be used to carry the challenge value. The Name field of the CHAP Request packet shall be present but not contain any useful value.