Package org.eclipse.jetty.security
Interface Authenticator
- All Known Implementing Classes:
Authenticator.NoOp,BasicAuthenticator,DigestAuthenticator,FormAuthenticator,JaspiAuthenticator,LoginAuthenticator,OpenIdAuthenticator,SPNEGOAuthenticator,SslClientCertAuthenticator
public interface Authenticator
Authenticator Interface
An Authenticator is responsible for checking requests and sending
response challenges in order to authenticate a request.
Various types of AuthenticationState are returned in order to
signal the next step in authentication.
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic interfaceAuthenticator Configurationstatic interfaceAuthenticator Factorystatic class -
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptiondefault Constraint.AuthorizationgetConstraintAuthentication(String pathInContext, Constraint.Authorization existing, Function<Boolean, Session> getSession) Get anConstraint.Authorizationapplicable to the path for this authenticator.default RequestprepareRequest(Request request, AuthenticationState authenticationState) Called aftervalidateRequest(Request, Response, Callback)and before callingRequest.Handler.handle(Request, Response, Callback)of the nested handler.voidsetConfiguration(Authenticator.Configuration configuration) Configure the AuthenticatorvalidateRequest(Request request, Response response, Callback callback) Validate a request
-
Field Details
-
BASIC_AUTH
- See Also:
-
FORM_AUTH
- See Also:
-
DIGEST_AUTH
- See Also:
-
CERT_AUTH
- See Also:
-
CERT_AUTH2
- See Also:
-
SPNEGO_AUTH
- See Also:
-
NEGOTIATE_AUTH
- See Also:
-
OPENID_AUTH
- See Also:
-
-
Method Details
-
setConfiguration
Configure the Authenticator- Parameters:
configuration- the configuration
-
getAuthenticationType
String getAuthenticationType()- Returns:
- The name of the authentication type
-
prepareRequest
Called aftervalidateRequest(Request, Response, Callback)and before callingRequest.Handler.handle(Request, Response, Callback)of the nested handler. This may be used by anAuthenticatorto restore method or content from a previous request that was challenged.- Parameters:
request- the request to prepare for handlingauthenticationState- The authentication for the request
-
getConstraintAuthentication
default Constraint.Authorization getConstraintAuthentication(String pathInContext, Constraint.Authorization existing, Function<Boolean, Session> getSession) Get anConstraint.Authorizationapplicable to the path for this authenticator. This is typically used to vary protection on special URIs known to a specificAuthenticator(e.g. /j_security_check for theFormAuthenticator.- Parameters:
pathInContext- The pathInContext to potentially constrain.existing- The existing authentication constraint for the pathInContext determined independently ofAuthenticatorgetSession- Function to get or create aSession.- Returns:
- The
Constraint.Authorizationto apply.
-
validateRequest
AuthenticationState validateRequest(Request request, Response response, Callback callback) throws ServerAuthException Validate a request- Parameters:
request- The requestresponse- The responsecallback- the callback to use for writing a response- Returns:
- An Authentication. If Authentication is successful, this will be a
AuthenticationState.Succeeded. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implementAuthenticationState.ResponseSent. - Throws:
ServerAuthException- if unable to validate request
-