Class SslClientCertAuthenticator

java.lang.Object
org.eclipse.jetty.security.authentication.LoginAuthenticator
org.eclipse.jetty.security.authentication.SslClientCertAuthenticator
All Implemented Interfaces:
Authenticator

public class SslClientCertAuthenticator extends LoginAuthenticator
CLIENT-CERT authenticator.

This Authenticator implements client certificate authentication. The client certificates available in the request will be verified against the configured SslContextFactory instance

  • Constructor Details

    • SslClientCertAuthenticator

      public SslClientCertAuthenticator(SslContextFactory sslContextFactory)
  • Method Details

    • getAuthMethod

      public String getAuthMethod()
      Returns:
      The name of the authentication method
    • validateRequest

      public Authentication validateRequest(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, boolean mandatory) throws ServerAuthException
      Description copied from interface: Authenticator
      Validate a request
      Parameters:
      req - The request
      res - The response
      mandatory - True if authentication is mandatory.
      Returns:
      An Authentication. If Authentication is successful, this will be a Authentication.User. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implement Authentication.ResponseSent. If Authentication is not mandatory, then a Authentication.Deferred may be returned.
      Throws:
      ServerAuthException - if unable to validate request
    • secureResponse

      public boolean secureResponse(jakarta.servlet.ServletRequest req, jakarta.servlet.ServletResponse res, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException
      Description copied from interface: Authenticator
      is response secure
      Parameters:
      req - the request
      res - the response
      mandatory - if security is mandator
      validatedUser - the user that was validated
      Returns:
      true if response is secure
      Throws:
      ServerAuthException - if unable to test response
    • isValidateCerts

      public boolean isValidateCerts()
      Returns:
      true if SSL certificate has to be validated.
    • setValidateCerts

      public void setValidateCerts(boolean validateCerts)
      Parameters:
      validateCerts - true if SSL certificates have to be validated.