Class SslClientCertAuthenticator

java.lang.Object

org.eclipse.jetty.security.authentication.LoginAuthenticator

org.eclipse.jetty.security.authentication.SslClientCertAuthenticator

All Implemented Interfaces:

Authenticator

public class SslClientCertAuthenticator
extends LoginAuthenticator

CLIENT-CERT authenticator.

This Authenticator implements client certificate authentication. The client certificates available in the request will be verified against the configured SslContextFactory instance

Nested Class Summary

Nested classes/interfaces inherited from class LoginAuthenticator

LoginAuthenticator.LoggedOutAuthentication, LoginAuthenticator.UserAuthenticationSent, LoginAuthenticator.UserAuthenticationSucceeded

Nested classes/interfaces inherited from interface Authenticator

Authenticator.Configuration, Authenticator.Factory, Authenticator.NoOp

Field Summary

Fields inherited from class LoginAuthenticator

_identityService, _loginService

Fields inherited from interface Authenticator

BASIC_AUTH, CERT_AUTH, CERT_AUTH2, DIGEST_AUTH, FORM_AUTH, MULTI_AUTH, NEGOTIATE_AUTH, OPENID_AUTH, SIWE_AUTH, SPNEGO_AUTH

Constructor Summary

Constructors

Constructor	Description
SslClientCertAuthenticator(SslContextFactory sslContextFactory)

Method Summary

Modifier and Type	Method	Description
String	getAuthenticationType()
boolean	isValidateCerts()
void	setValidateCerts(boolean validateCerts)	Set true if SSL certificates have to be validated..
AuthenticationState	validateRequest(Request req, Response res, Callback callback)	Attempts to validate the authentication state of the given request.

Methods inherited from class LoginAuthenticator

getAuthorizationHeader, getChallengeHeader, getLoginService, getUnauthorizedStatusCode, isProxyMode, login, logout, setConfiguration, setLoginService, setProxyMode, updateSession

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface Authenticator

getConstraintAuthentication, prepareRequest

Constructor Details

SslClientCertAuthenticator

public SslClientCertAuthenticator(SslContextFactory sslContextFactory)

Method Details

getAuthenticationType

public String getAuthenticationType()

Returns:

The name of the authentication type

validateRequest

public AuthenticationState validateRequest(Request req,
 Response res,
 Callback callback)
                                    throws ServerAuthException

Description copied from interface: Authenticator

Attempts to validate the authentication state of the given request.

If authentication is successful, an AuthenticationState.Succeeded is returned. If the authenticator has already committed a response (for either success or failure), the returned value will implement AuthenticationState.ResponseSent, and the provided Callback will be eventually be completed, otherwise the caller is responsible for completing the Callback.

A null return value indicates that no authentication state could be established, possibly because the response has already been committed.

Parameters:

req - the request to validate.

res - the response associated with the request.

callback - the callback to use for writing a response.

Returns:

an AuthenticationState, or null if authentication could not be resolved.

Throws:

ServerAuthException - if unable to validate request.

isValidateCerts

public boolean isValidateCerts()

Returns:

true if SSL certificate has to be validated.

setValidateCerts

public void setValidateCerts(boolean validateCerts)

Set true if SSL certificates have to be validated..

Parameters:

validateCerts - true if SSL certificates have to be validated.