View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.security;
20  
21  import javax.servlet.ServletContext;
22  
23  import org.eclipse.jetty.security.Authenticator.AuthConfiguration;
24  import org.eclipse.jetty.security.authentication.BasicAuthenticator;
25  import org.eclipse.jetty.security.authentication.ClientCertAuthenticator;
26  import org.eclipse.jetty.security.authentication.DigestAuthenticator;
27  import org.eclipse.jetty.security.authentication.FormAuthenticator;
28  import org.eclipse.jetty.security.authentication.SpnegoAuthenticator;
29  import org.eclipse.jetty.server.Server;
30  import org.eclipse.jetty.util.security.Constraint;
31  
32  /* ------------------------------------------------------------ */
33  /**
34   * The Default Authenticator Factory.
35   * Uses the {@link AuthConfiguration#getAuthMethod()} to select an {@link Authenticator} from: <ul>
36   * <li>{@link org.eclipse.jetty.security.authentication.BasicAuthenticator}</li>
37   * <li>{@link org.eclipse.jetty.security.authentication.DigestAuthenticator}</li>
38   * <li>{@link org.eclipse.jetty.security.authentication.FormAuthenticator}</li>
39   * <li>{@link org.eclipse.jetty.security.authentication.ClientCertAuthenticator}</li>
40   * </ul>
41   * All authenticators derived from {@link org.eclipse.jetty.security.authentication.LoginAuthenticator} are 
42   * wrapped with a {@link org.eclipse.jetty.security.authentication.DeferredAuthentication}
43   * instance, which is used if authentication is not mandatory.
44   * 
45   * The Authentications from the {@link org.eclipse.jetty.security.authentication.FormAuthenticator} are always wrapped in a 
46   * {@link org.eclipse.jetty.security.authentication.SessionAuthentication}
47   * <p>
48   * If a {@link LoginService} has not been set on this factory, then
49   * the service is selected by searching the {@link Server#getBeans(Class)} results for
50   * a service that matches the realm name, else the first LoginService found is used.
51   *
52   */
53  public class DefaultAuthenticatorFactory implements Authenticator.Factory
54  {
55      LoginService _loginService;
56      
57      public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService)
58      {
59          String auth=configuration.getAuthMethod();
60          Authenticator authenticator=null;
61          
62          if (auth==null || Constraint.__BASIC_AUTH.equalsIgnoreCase(auth))
63              authenticator=new BasicAuthenticator();
64          else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth))
65              authenticator=new DigestAuthenticator();
66          else if (Constraint.__FORM_AUTH.equalsIgnoreCase(auth))
67              authenticator=new FormAuthenticator();
68          else if ( Constraint.__SPNEGO_AUTH.equalsIgnoreCase(auth) )
69              authenticator = new SpnegoAuthenticator();
70          else if ( Constraint.__NEGOTIATE_AUTH.equalsIgnoreCase(auth) ) // see Bug #377076
71              authenticator = new SpnegoAuthenticator(Constraint.__NEGOTIATE_AUTH);
72          if (Constraint.__CERT_AUTH.equalsIgnoreCase(auth)||Constraint.__CERT_AUTH2.equalsIgnoreCase(auth))
73              authenticator=new ClientCertAuthenticator();
74          
75          return authenticator;
76      }
77     
78      /* ------------------------------------------------------------ */
79      /**
80       * @return the loginService
81       */
82      public LoginService getLoginService()
83      {
84          return _loginService;
85      }
86  
87      /* ------------------------------------------------------------ */
88      /**
89       * @param loginService the loginService to set
90       */
91      public void setLoginService(LoginService loginService)
92      {
93          _loginService = loginService;
94      }
95  
96  }