ClassDescriptionBase class for an
AuthModulethat identifies users based on an incoming HTTP request.Data holder for passing an
HttpRequestto a login call.Credentials for identifying as an application, for example the singleton application that represents a service account.Thrown when an
AuthModulefailed to perform the authentication process (backend not available, password does not match, ...).Data holder for information related to a verified authentication attempt.Tag interface that represent any kind of token submitted during login for identifying an application or user.Interface implemented by the Authentication and Authorization modules.Thrown when an
AuthModulefailed to perform the authorization process.Collection of roles, system and/or object privileges.Stores user, group and application information in the Yamcs database.Identifies users and service accounts based on authentication information stored in the Yamcs
Directory.Stores users and groups in the Yamcs DB.A group is way to manage a set of users.An AuthModule that enforces a login of one fixed user account, where the remote IP address must match one of the configured IP address rules.Wrapper around the (weird) JAAS configuration API.Does password-based login against a Kerberos host.An object privilege is the right to perform a particular action on an object.Type qualifier for grouping object privileges.AuthModule that identifies users against an external identity provider compliant with OpenID Connect (OIDC).AuthModule that identifies users based on an HTTP header property.Collection of system and object privileges.Responsible for Identity and Access Management (IAM).Represents an non-human service or application registered with Yamcs.Implementation-agnostic session store.An AuthModule that enforces a login of one fixed user accountImplements SPNEGO authentication against an external Kerberos host.A system privilege is the right to perform a particular action or to perform an action on any object of a particular type.Represents a token (or 'authorization_code' in oauth terms) issued by an external identity server.A user contains identifying information and a convenient set of methods to perform access control.A password-based token, usually associated with BASIC AUTH requests (convenient through curl)Covers a user session.