Class ClientCertAuthenticator
java.lang.Object
org.eclipse.jetty.security.authentication.LoginAuthenticator
org.eclipse.jetty.security.authentication.ClientCertAuthenticator
- All Implemented Interfaces:
Authenticator
Deprecated.
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.eclipse.jetty.security.Authenticator
Authenticator.AuthConfiguration, Authenticator.Factory
-
Field Summary
Fields inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator
_identityService, _loginService
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionDeprecated.Deprecated.Get the crlPath.protected KeyStore
getKeyStore
(String storePath, String storeType, String storeProvider, String storePassword) Deprecated.Loads keystore using an input stream or a file path in the same order of precedence.int
Deprecated.Deprecated.Deprecated.Deprecated.Deprecated.boolean
Deprecated.boolean
Deprecated.boolean
Deprecated.protected Collection<? extends CRL>
Deprecated.Loads certificate revocation list (CRL) from a file.boolean
secureResponse
(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, boolean mandatory, Authentication.User validatedUser) Deprecated.is response securevoid
setCrlPath
(String crlPath) Deprecated.Set the crlPath.void
setEnableCRLDP
(boolean enableCRLDP) Deprecated.Enables CRL Distribution Points Supportvoid
setEnableOCSP
(boolean enableOCSP) Deprecated.Enables On-Line Certificate Status Protocol supportvoid
setMaxCertPathLength
(int maxCertPathLength) Deprecated.void
setOcspResponderURL
(String ocspResponderURL) Deprecated.Set the location of the OCSP Responder.void
setTrustStore
(String trustStorePath) Deprecated.void
setTrustStorePassword
(String password) Deprecated.void
setTrustStoreProvider
(String trustStoreProvider) Deprecated.void
setTrustStoreType
(String trustStoreType) Deprecated.void
setValidateCerts
(boolean validateCerts) Deprecated.validateRequest
(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, boolean mandatory) Deprecated.Validate a requestMethods inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator
getLoginService, login, logout, prepareRequest, renewSession, setConfiguration
-
Constructor Details
-
ClientCertAuthenticator
public ClientCertAuthenticator()Deprecated.
-
-
Method Details
-
getAuthMethod
Deprecated.- Returns:
- The name of the authentication method
-
validateRequest
public Authentication validateRequest(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, boolean mandatory) throws ServerAuthException Deprecated.Description copied from interface:Authenticator
Validate a request- Parameters:
req
- The requestres
- The responsemandatory
- True if authentication is mandatory.- Returns:
- An Authentication. If Authentication is successful, this will be a
Authentication.User
. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implementAuthentication.ResponseSent
. If Authentication is not mandatory, then aAuthentication.Deferred
may be returned. - Throws:
ServerAuthException
- if unable to validate request
-
getKeyStore
protected KeyStore getKeyStore(String storePath, String storeType, String storeProvider, String storePassword) throws Exception Deprecated.Loads keystore using an input stream or a file path in the same order of precedence. Required for integrations to be able to override the mechanism used to load a keystore in order to provide their own implementation.- Parameters:
storePath
- path of keystore filestoreType
- keystore typestoreProvider
- keystore providerstorePassword
- keystore password- Returns:
- created keystore
- Throws:
Exception
- if unable to get keystore
-
loadCRL
Deprecated.Loads certificate revocation list (CRL) from a file. Required for integrations to be able to override the mechanism used to load CRL in order to provide their own implementation.- Parameters:
crlPath
- path of certificate revocation list file- Returns:
- a (possibly empty) collection view of java.security.cert.CRL objects initialized with the data from the input stream.
- Throws:
Exception
- if unable to load CRL
-
secureResponse
public boolean secureResponse(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException Deprecated.Description copied from interface:Authenticator
is response secure- Parameters:
req
- the requestres
- the responsemandatory
- if security is mandatorvalidatedUser
- the user that was validated- Returns:
- true if response is secure
- Throws:
ServerAuthException
- if unable to test response
-
isValidateCerts
public boolean isValidateCerts()Deprecated.- Returns:
- true if SSL certificate has to be validated
-
setValidateCerts
public void setValidateCerts(boolean validateCerts) Deprecated.- Parameters:
validateCerts
- true if SSL certificates have to be validated
-
getTrustStore
Deprecated.- Returns:
- The file name or URL of the trust store location
-
setTrustStore
Deprecated.- Parameters:
trustStorePath
- The file name or URL of the trust store location
-
getTrustStoreProvider
Deprecated.- Returns:
- The provider of the trust store
-
setTrustStoreProvider
Deprecated.- Parameters:
trustStoreProvider
- The provider of the trust store
-
getTrustStoreType
Deprecated.- Returns:
- The type of the trust store (default "PKCS12")
-
setTrustStoreType
Deprecated.- Parameters:
trustStoreType
- The type of the trust store
-
setTrustStorePassword
Deprecated.- Parameters:
password
- The password for the trust store
-
getCrlPath
Deprecated.Get the crlPath.- Returns:
- the crlPath
-
setCrlPath
Deprecated.Set the crlPath.- Parameters:
crlPath
- the crlPath to set
-
getMaxCertPathLength
public int getMaxCertPathLength()Deprecated.- Returns:
- Maximum number of intermediate certificates in the certification path (-1 for unlimited)
-
setMaxCertPathLength
public void setMaxCertPathLength(int maxCertPathLength) Deprecated.- Parameters:
maxCertPathLength
- maximum number of intermediate certificates in the certification path (-1 for unlimited)
-
isEnableCRLDP
public boolean isEnableCRLDP()Deprecated.- Returns:
- true if CRL Distribution Points support is enabled
-
setEnableCRLDP
public void setEnableCRLDP(boolean enableCRLDP) Deprecated.Enables CRL Distribution Points Support- Parameters:
enableCRLDP
- true - turn on, false - turns off
-
isEnableOCSP
public boolean isEnableOCSP()Deprecated.- Returns:
- true if On-Line Certificate Status Protocol support is enabled
-
setEnableOCSP
public void setEnableOCSP(boolean enableOCSP) Deprecated.Enables On-Line Certificate Status Protocol support- Parameters:
enableOCSP
- true - turn on, false - turn off
-
getOcspResponderURL
Deprecated.- Returns:
- Location of the OCSP Responder
-
setOcspResponderURL
Deprecated.Set the location of the OCSP Responder.- Parameters:
ocspResponderURL
- location of the OCSP Responder
-
SslClientCertAuthenticator