org.neo4j.server.security.enterprise.auth.plugin.api

Interface AuthToken

public interface AuthToken

The authentication token provided by the client, which is used to authenticate the subject's identity.

A common scenario is to have principal be a username and credentials be a password.

See Also:

AuthenticationPlugin.authenticate(AuthToken), AuthPlugin.authenticateAndAuthorize(AuthToken)

Method Summary

Modifier and Type	Method and Description
char[]	credentials() Returns the credentials that verifies the identity.
Map<String,Object>	parameters() Returns an optional custom parameter map if provided by the client.
String	principal() Returns the identity to authenticate.

Method Detail

principal

String principal()

Returns the identity to authenticate.

Most commonly this is a username.

Returns:

the identity to authenticate.

credentials

char[] credentials()

Returns the credentials that verifies the identity.

Most commonly this is a password.

The reason this is a character array and not a String, is so that sensitive information can be cleared from memory after useage without having to wait for the garbage collector to act.

Returns:

the credentials that verifies the identity.

parameters

Map<String,Object> parameters()

Returns an optional custom parameter map if provided by the client.

This can be used as a vehicle to send arbitrary auth data from a client application to a server-side auth plugin. Neo4j will act as a pure transport and will not touch the contents of this map.

Returns:

a custom parameter map (or an empty map if no parameters where provided by the client)