Interface Authenticator
- All Known Implementing Classes:
Authenticator.NoOp
,BasicAuthenticator
,DigestAuthenticator
,EthereumAuthenticator
,FormAuthenticator
,JaspiAuthenticator
,JaspiAuthenticator
,LoginAuthenticator
,MultiAuthenticator
,OpenIdAuthenticator
,SPNEGOAuthenticator
,SslClientCertAuthenticator
public interface Authenticator
Authenticator Interface
An Authenticator is responsible for checking requests and sending
response challenges in order to authenticate a request.
Various types of AuthenticationState
are returned in order to
signal the next step in authentication.
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic interface
Authenticator Configurationstatic interface
Authenticator Factorystatic class
-
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptiondefault Constraint.Authorization
getConstraintAuthentication
(String pathInContext, Constraint.Authorization existing, Function<Boolean, Session> getSession) Get anConstraint.Authorization
applicable to the path for this authenticator.default Request
prepareRequest
(Request request, AuthenticationState authenticationState) Called aftervalidateRequest(Request, Response, Callback)
and before callingRequest.Handler.handle(Request, Response, Callback)
of the nested handler.void
setConfiguration
(Authenticator.Configuration configuration) Configure the AuthenticatorvalidateRequest
(Request request, Response response, Callback callback) Attempts to validate the authentication state of the given request.
-
Field Details
-
BASIC_AUTH
- See Also:
-
FORM_AUTH
- See Also:
-
DIGEST_AUTH
- See Also:
-
CERT_AUTH
- See Also:
-
CERT_AUTH2
- See Also:
-
SPNEGO_AUTH
- See Also:
-
NEGOTIATE_AUTH
- See Also:
-
OPENID_AUTH
- See Also:
-
SIWE_AUTH
- See Also:
-
MULTI_AUTH
- See Also:
-
-
Method Details
-
setConfiguration
Configure the Authenticator- Parameters:
configuration
- the configuration
-
getAuthenticationType
String getAuthenticationType()- Returns:
- The name of the authentication type
-
prepareRequest
Called aftervalidateRequest(Request, Response, Callback)
and before callingRequest.Handler.handle(Request, Response, Callback)
of the nested handler. This may be used by anAuthenticator
to restore method or content from a previous request that was challenged.- Parameters:
request
- the request to prepare for handlingauthenticationState
- The authentication for the request
-
getConstraintAuthentication
default Constraint.Authorization getConstraintAuthentication(String pathInContext, Constraint.Authorization existing, Function<Boolean, Session> getSession) Get anConstraint.Authorization
applicable to the path for this authenticator. This is typically used to vary protection on special URIs known to a specificAuthenticator
(e.g. /j_security_check for theFormAuthenticator
.- Parameters:
pathInContext
- The pathInContext to potentially constrain.existing
- The existing authentication constraint for the pathInContext determined independently ofAuthenticator
getSession
- Function to get or create aSession
.- Returns:
- The
Constraint.Authorization
to apply.
-
validateRequest
AuthenticationState validateRequest(Request request, Response response, Callback callback) throws ServerAuthException Attempts to validate the authentication state of the given request.If authentication is successful, an
AuthenticationState.Succeeded
is returned. If the authenticator has already committed a response (for either success or failure), the returned value will implementAuthenticationState.ResponseSent
, and the providedCallback
will be eventually be completed, otherwise the caller is responsible for completing theCallback
.A
null
return value indicates that no authentication state could be established, possibly because the response has already been committed.- Parameters:
request
- the request to validate.response
- the response associated with the request.callback
- the callback to use for writing a response.- Returns:
- an
AuthenticationState
, ornull
if authentication could not be resolved. - Throws:
ServerAuthException
- if unable to validate request.
-