com.microsoft.tfs.core.credentials
Interface CredentialsManager

All Known Implementing Classes:
KeychainCredentialsManager, NullCredentialsManager, PersistenceStoreCredentialsManager, WinCredentialsManager

public interface CredentialsManager

Manages network authentication credentials. Implementations may use to secure system storage (Mac OS Keychain, Windows Credential Manager) or use a a non-secure storage mechanism (plain text in the filesystem). Call isSecure() to test whether the implementation offers secure storage.

Implementations are not required to support writing (saving) credentials.

Implementations may alter the URI before it is saved by setCredentials(CachedCredentials) and when it is matched by getCredentials(URI). A common alteration is to remove the path and query parts from the URI so only the scheme, host, and port are saved and matched. This lets a user authenticate to all resources on one server (TFS configuration server, TFS project collections, SharePoint sites, etc.) using a single saved credentials item.

Thread-safety:
thread-safe

Method Summary
 boolean canWrite()
          Tests whether this credentials provider is writable.
 CachedCredentials[] getCredentials()
          Returns all the credentials that are currently configured for any server.
 CachedCredentials getCredentials(java.net.URI serverURI)
          Provides the credentials for the given URI.
 java.lang.String getUIMechanismName()
          Gets the localized name of the storage mechanism this provider uses.
 boolean isSecure()
          Queries whether the credentials are stored in a secure mechanism as determined by the operating system, for example, Apple Keychain, GNOME Keyring, Windows CredMan, Eclipse's credential store, or encrypted using a system mechanism such as Windows DPAPI.
 boolean removeCredentials(CachedCredentials cachedCredentials)
          Removes the credentials for the given URI.
 boolean removeCredentials(java.net.URI uri)
          Removes the credentials for the given URI.
 boolean setCredentials(CachedCredentials cachedCredentials)
          Sets the credentials for the given URI.
 

Method Detail

getUIMechanismName

java.lang.String getUIMechanismName()
Gets the localized name of the storage mechanism this provider uses. The string can be in any format but it should be unique among implementations and cannot be empty.

Returns:
the human-readable name of the storage mechanism used (never null)

canWrite

boolean canWrite()
Tests whether this credentials provider is writable. Some credentials providers provide read-only views of the credentials data.

Returns:
true if the credentials provider is writable, false otherwise

isSecure

boolean isSecure()
Queries whether the credentials are stored in a secure mechanism as determined by the operating system, for example, Apple Keychain, GNOME Keyring, Windows CredMan, Eclipse's credential store, or encrypted using a system mechanism such as Windows DPAPI.

Returns:
true if these credentials are stored securely, false otherwise

getCredentials

CachedCredentials[] getCredentials()
Returns all the credentials that are currently configured for any server.

Returns:
All credentials that are configured (may be null)

getCredentials

CachedCredentials getCredentials(java.net.URI serverURI)
Provides the credentials for the given URI. The given URI may be a TFS server, an HTTP proxy or a TFS proxy.

This method may return CachedCredentials that match only some parts of the given URI (instead of all parts).

Parameters:
serverURI - The URI to connect to (never null)
Returns:
The credentials to connect with (never null)

setCredentials

boolean setCredentials(CachedCredentials cachedCredentials)
Sets the credentials for the given URI. The given URI may be a TFS server, an HTTP proxy or a TFS proxy.

Users should ensure that this credentials provider is writable by calling the canWrite() method for calling this one.

See class documentation for CredentialsManager for information on how this URI may be altered before being saved.

Parameters:
cachedCredentials - The credentials to connect with (never null)
Returns:
true if the credentials were successfully saved, false otherwise
Throws:
java.lang.RuntimeException - if the credentials store is not writable

removeCredentials

boolean removeCredentials(CachedCredentials cachedCredentials)
Removes the credentials for the given URI. Note that the given username and password need not match for a cached credentials object to be removed, only the server URI need match.

Users should ensure that this credentials provider is writable by calling the canWrite() method for calling this one.

Parameters:
cachedCredentials - The credentials to remove (not null)
Returns:
true if the credentials were successfully removed, false otherwise
Throws:
java.lang.RuntimeException - if the credentials store is not writable

removeCredentials

boolean removeCredentials(java.net.URI uri)
Removes the credentials for the given URI.

Users should ensure that this credentials provider is writable by calling the canWrite() method for calling this one.

Parameters:
cachedCredentials - The credentials to remove (not null)
Returns:
true if the credentials were successfully removed, false otherwise
Throws:
java.lang.RuntimeException - if the credentials store is not writable


© 2015 Microsoft. All rights reserved.