diff --git a/cadc-util/build.gradle b/cadc-util/build.gradle
index 9c6db5ab..8343c3b1 100644
--- a/cadc-util/build.gradle
+++ b/cadc-util/build.gradle
@@ -16,7 +16,7 @@ sourceCompatibility = 1.8 group = 'org.opencadc' -version = '1.9.11' +version = '1.10.0' description = 'OpenCADC core utility library' def git_url = 'https://github.com/opencadc/core'
diff --git a/cadc-util/src/main/java/ca/nrc/cadc/auth/IdentityManager.java b/cadc-util/src/main/java/ca/nrc/cadc/auth/IdentityManager.java
index ee97a986..b73e15bf 100644
--- a/cadc-util/src/main/java/ca/nrc/cadc/auth/IdentityManager.java
+++ b/cadc-util/src/main/java/ca/nrc/cadc/auth/IdentityManager.java
@@ -69,6 +69,8 @@ package ca.nrc.cadc.auth; +import java.net.URI; +import java.util.Set; import javax.security.auth.Subject; /**
@@ -77,6 +79,18 @@ * @author pdowler */ public interface IdentityManager { + + /** + * Get the set of authentication methods supported by the + * validate() method. Constants for the identifers are + * available in the Standards class in the + * cadc-registry library and derived from the + * IVOA SSO standard. + * + * @return set of security method identifiers + */ + public Set getSecurityMethods(); + /** * Parse and validate any principals in the subject. * Some principals, such as X500Principal, do not require validation
diff --git a/cadc-util/src/main/java/ca/nrc/cadc/auth/NoOpIdentityManager.java b/cadc-util/src/main/java/ca/nrc/cadc/auth/NoOpIdentityManager.java
index b2bf0cac..92e8c014 100644
--- a/cadc-util/src/main/java/ca/nrc/cadc/auth/NoOpIdentityManager.java
+++ b/cadc-util/src/main/java/ca/nrc/cadc/auth/NoOpIdentityManager.java
@@ -67,6 +67,10 @@ package ca.nrc.cadc.auth; +import java.net.URI; +import java.util.Collections; +import java.util.Set; +import java.util.TreeSet; import javax.security.auth.Subject; import org.apache.log4j.Logger;
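Review bot: `getSecurityMethods()` is added to the `IdentityManager` interface (hunk at -77,6 +79,18) as an abstract method, so any implementation maintained outside this repository stops compiling once it picks up 1.10.0. The Javadoc should also state what an empty set means to callers and whether the returned set may be modified, since this value presumably drives which authentication methods a service advertises; a sentence such as `An empty set means validate() supports no authentication method; callers must treat the result as read-only.` would do, adjusted to whichever contract is intended. The word `identifers` in the same comment should read `identifiers`. If the bare `Set` return type is not an artifact of how this page was rendered, declare it as `Set<URI>` to match the new `java.net.URI` import. The interface body continues outside the hunk.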
@@ -80,6 +84,12 @@ public class NoOpIdentityManager implements IdentityManager { public NoOpIdentityManager() { } + + @Override + public Set getSecurityMethods() { + return Collections.EMPTY_SET; + } + @Override public Subject validate(Subject subject) throws NotAuthenticatedException {
diff --git a/cadc-util/src/main/java/ca/nrc/cadc/auth/X500IdentityManager.java b/cadc-util/src/main/java/ca/nrc/cadc/auth/X500IdentityManager.java
index 4a87b337..ff5e7c52 100644
--- a/cadc-util/src/main/java/ca/nrc/cadc/auth/X500IdentityManager.java
+++ b/cadc-util/src/main/java/ca/nrc/cadc/auth/X500IdentityManager.java
@@ -69,9 +69,11 @@ package ca.nrc.cadc.auth; +import java.net.URI; import java.security.Principal; import java.util.HashSet; import java.util.Set; +import java.util.TreeSet; import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal;
@@ -86,6 +88,7 @@ */ public class X500IdentityManager implements IdentityManager { + @Override public Subject validate(Subject subject) throws NotAuthenticatedException { return subject;
@@ -121,4 +124,10 @@ public Subject toSubject(Object owner) { return new Subject(false, pset, new HashSet(), new HashSet()); } + @Override + public Set getSecurityMethods() { + Set ret = new TreeSet<>(); + ret.add(URI.create("ivo://ivoa.net/sso#tls-with-certificate")); + return ret; + } }
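Review bot: `return Collections.EMPTY_SET;` in `NoOpIdentityManager.getSecurityMethods()` uses the raw constant, which produces an unchecked warning once the return type is parameterised; `return Collections.emptySet();` returns the same immutable empty set with the element type inferred. The import hunk for this file also adds `java.net.URI` and `java.util.TreeSet`, which nothing in the visible new code uses. A one-line comment such as `// no-op manager validates nothing, so it advertises no security methods` would make the empty result read as deliberate. The class body continues outside the hunk.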
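Review bot: `X500IdentityManager.getSecurityMethods()` (hunk at -121,4 +124,10) advertises `tls-with-certificate`, while `validate()` in the same class, shown in the -86,6 +88,7 hunk, returns the subject unchanged, so the advertised method is only sound if the client certificate was verified before the Subject reached this class. That dependency deserves a comment on the new method, for example `// certificate verification is expected to happen in the TLS layer; validate() performs no check of its own`, if that is indeed the intent. The method also allocates a new mutable `TreeSet` on every call from an inline string literal; a `private static final URI` constant returned in an unmodifiable set would keep the advertised identifier defined in one place.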