Package org.eclipse.jetty.security.authentication

Class ClientCertAuthenticator

java.lang.Object
org.eclipse.jetty.security.authentication.LoginAuthenticator
org.eclipse.jetty.security.authentication.ClientCertAuthenticator
All Implemented Interfaces:
Authenticator
@Deprecated public class ClientCertAuthenticator extends LoginAuthenticator
Deprecated.
Prefer using SslClientCertAuthenticator

  • Constructor Details

    • ClientCertAuthenticator

      public ClientCertAuthenticator()
      Deprecated.

  • Method Details

    • getAuthMethod

      public String getAuthMethod()
      Deprecated.
      Returns:
      The name of the authentication method

    • validateRequest

      public Authentication validateRequest(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, boolean mandatory) throws ServerAuthException
      Deprecated.
      Description copied from interface: Authenticator
      Validate a request
      Parameters:
      req - The request
      res - The response
      mandatory - True if authentication is mandatory.
      Returns:
      An Authentication. If Authentication is successful, this will be a Authentication.User. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implement Authentication.ResponseSent. If Authentication is not mandatory, then a Authentication.Deferred may be returned.
      Throws:
      ServerAuthException - if unable to validate request

    • getKeyStore

      protected KeyStore getKeyStore(String storePath, String storeType, String storeProvider, String storePassword) throws Exception
      Deprecated.
      Loads keystore using an input stream or a file path in the same order of precedence. Required for integrations to be able to override the mechanism used to load a keystore in order to provide their own implementation.
      Parameters:
      storePath - path of keystore file
      storeType - keystore type
      storeProvider - keystore provider
      storePassword - keystore password
      Returns:
      created keystore
      Throws:
      Exception - if unable to get keystore

    • loadCRL

      protected Collection<? extends CRL> loadCRL(String crlPath) throws Exception
      Deprecated.
      Loads certificate revocation list (CRL) from a file. Required for integrations to be able to override the mechanism used to load CRL in order to provide their own implementation.
      Parameters:
      crlPath - path of certificate revocation list file
      Returns:
      a (possibly empty) collection view of java.security.cert.CRL objects initialized with the data from the input stream.
      Throws:
      Exception - if unable to load CRL

    • secureResponse

      public boolean secureResponse(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException
      Deprecated.
      Description copied from interface: Authenticator
      is response secure
      Parameters:
      req - the request
      res - the response
      mandatory - if security is mandator
      validatedUser - the user that was validated
      Returns:
      true if response is secure
      Throws:
      ServerAuthException - if unable to test response

    • isValidateCerts

      public boolean isValidateCerts()
      Deprecated.
      Returns:
      true if SSL certificate has to be validated

    • setValidateCerts

      public void setValidateCerts(boolean validateCerts)
      Deprecated.
      Parameters:
      validateCerts - true if SSL certificates have to be validated

    • getTrustStore

      public String getTrustStore()
      Deprecated.
      Returns:
      The file name or URL of the trust store location

    • setTrustStore

      public void setTrustStore(String trustStorePath)
      Deprecated.
      Parameters:
      trustStorePath - The file name or URL of the trust store location

    • getTrustStoreProvider

      public String getTrustStoreProvider()
      Deprecated.
      Returns:
      The provider of the trust store

    • setTrustStoreProvider

      public void setTrustStoreProvider(String trustStoreProvider)
      Deprecated.
      Parameters:
      trustStoreProvider - The provider of the trust store

    • getTrustStoreType

      public String getTrustStoreType()
      Deprecated.
      Returns:
      The type of the trust store (default "PKCS12")

    • setTrustStoreType

      public void setTrustStoreType(String trustStoreType)
      Deprecated.
      Parameters:
      trustStoreType - The type of the trust store

    • setTrustStorePassword

      public void setTrustStorePassword(String password)
      Deprecated.
      Parameters:
      password - The password for the trust store

    • getCrlPath

      public String getCrlPath()
      Deprecated.
      Get the crlPath.
      Returns:
      the crlPath

    • setCrlPath

      public void setCrlPath(String crlPath)
      Deprecated.
      Set the crlPath.
      Parameters:
      crlPath - the crlPath to set

    • getMaxCertPathLength

      public int getMaxCertPathLength()
      Deprecated.
      Returns:
      Maximum number of intermediate certificates in the certification path (-1 for unlimited)

    • setMaxCertPathLength

      public void setMaxCertPathLength(int maxCertPathLength)
      Deprecated.
      Parameters:
      maxCertPathLength - maximum number of intermediate certificates in the certification path (-1 for unlimited)

    • isEnableCRLDP

      public boolean isEnableCRLDP()
      Deprecated.
      Returns:
      true if CRL Distribution Points support is enabled

    • setEnableCRLDP

      public void setEnableCRLDP(boolean enableCRLDP)
      Deprecated.
      Enables CRL Distribution Points Support
      Parameters:
      enableCRLDP - true - turn on, false - turns off

    • isEnableOCSP

      public boolean isEnableOCSP()
      Deprecated.
      Returns:
      true if On-Line Certificate Status Protocol support is enabled

    • setEnableOCSP

      public void setEnableOCSP(boolean enableOCSP)
      Deprecated.
      Enables On-Line Certificate Status Protocol support
      Parameters:
      enableOCSP - true - turn on, false - turn off

    • getOcspResponderURL

      public String getOcspResponderURL()
      Deprecated.
      Returns:
      Location of the OCSP Responder

    • setOcspResponderURL

      public void setOcspResponderURL(String ocspResponderURL)
      Deprecated.
      Set the location of the OCSP Responder.
      Parameters:
      ocspResponderURL - location of the OCSP Responder