DefaultAuthenticatorFactory xref

View Javadoc

1   // ========================================================================
2   // Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // All rights reserved. This program and the accompanying materials
5   // are made available under the terms of the Eclipse Public License v1.0
6   // and Apache License v2.0 which accompanies this distribution.
7   // The Eclipse Public License is available at 
8   // http://www.eclipse.org/legal/epl-v10.html
9   // The Apache License v2.0 is available at
10  // http://www.opensource.org/licenses/apache2.0.php
11  // You may elect to redistribute this code under either of these licenses. 
12  // ========================================================================
13  
14  package org.eclipse.jetty.security;
15  
16  import javax.servlet.ServletContext;
17  
18  import org.eclipse.jetty.http.security.Constraint;
19  import org.eclipse.jetty.security.Authenticator.AuthConfiguration;
20  import org.eclipse.jetty.security.authentication.BasicAuthenticator;
21  import org.eclipse.jetty.security.authentication.ClientCertAuthenticator;
22  import org.eclipse.jetty.security.authentication.DigestAuthenticator;
23  import org.eclipse.jetty.security.authentication.FormAuthenticator;
24  import org.eclipse.jetty.security.authentication.SpnegoAuthenticator;
25  import org.eclipse.jetty.server.Server;
26  
27  /* ------------------------------------------------------------ */
28  /**
29   * The Default Authenticator Factory.
30   * Uses the {@link AuthConfiguration#getAuthMethod()} to select an {@link Authenticator} from: <ul>
31   * <li>{@link org.eclipse.jetty.security.authentication.BasicAuthenticator}</li>
32   * <li>{@link org.eclipse.jetty.security.authentication.DigestAuthenticator}</li>
33   * <li>{@link org.eclipse.jetty.security.authentication.FormAuthenticator}</li>
34   * <li>{@link org.eclipse.jetty.security.authentication.ClientCertAuthenticator}</li>
35   * </ul>
36   * All authenticators derived from {@link org.eclipse.jetty.security.authentication.LoginAuthenticator} are 
37   * wrapped with a {@link org.eclipse.jetty.security.authentication.DeferredAuthentication}
38   * instance, which is used if authentication is not mandatory.
39   * 
40   * The Authentications from the {@link org.eclipse.jetty.security.authentication.FormAuthenticator} are always wrapped in a 
41   * {@link org.eclipse.jetty.security.authentication.SessionAuthentication}
42   * <p>
43   * If a {@link LoginService} has not been set on this factory, then
44   * the service is selected by searching the {@link Server#getBeans(Class)} results for
45   * a service that matches the realm name, else the first LoginService found is used.
46   *
47   */
48  public class DefaultAuthenticatorFactory implements Authenticator.Factory
49  {
50      LoginService _loginService;
51      
52      public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService)
53      {
54          String auth=configuration.getAuthMethod();
55          Authenticator authenticator=null;
56          
57          if (auth==null || Constraint.__BASIC_AUTH.equalsIgnoreCase(auth))
58              authenticator=new BasicAuthenticator();
59          else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth))
60              authenticator=new DigestAuthenticator();
61          else if (Constraint.__FORM_AUTH.equalsIgnoreCase(auth))
62              authenticator=new FormAuthenticator();
63          else if ( Constraint.__SPNEGO_AUTH.equalsIgnoreCase(auth) )
64              authenticator = new SpnegoAuthenticator();
65          if (Constraint.__CERT_AUTH.equalsIgnoreCase(auth)||Constraint.__CERT_AUTH2.equalsIgnoreCase(auth))
66              authenticator=new ClientCertAuthenticator();
67          
68          return authenticator;
69      }
70     
71      /* ------------------------------------------------------------ */
72      /**
73       * @return the loginService
74       */
75      public LoginService getLoginService()
76      {
77          return _loginService;
78      }
79  
80      /* ------------------------------------------------------------ */
81      /**
82       * @param loginService the loginService to set
83       */
84      public void setLoginService(LoginService loginService)
85      {
86          _loginService = loginService;
87      }
88  
89  }