1 // ========================================================================
2 // Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
3 // ------------------------------------------------------------------------
4 // All rights reserved. This program and the accompanying materials
5 // are made available under the terms of the Eclipse Public License v1.0
6 // and Apache License v2.0 which accompanies this distribution.
7 // The Eclipse Public License is available at
8 // http://www.eclipse.org/legal/epl-v10.html
9 // The Apache License v2.0 is available at
10 // http://www.opensource.org/licenses/apache2.0.php
11 // You may elect to redistribute this code under either of these licenses.
12 // ========================================================================
13
14 package org.eclipse.jetty.security;
15
16 import javax.servlet.ServletContext;
17
18 import org.eclipse.jetty.http.security.Constraint;
19 import org.eclipse.jetty.security.Authenticator.Configuration;
20 import org.eclipse.jetty.security.authentication.BasicAuthenticator;
21 import org.eclipse.jetty.security.authentication.ClientCertAuthenticator;
22 import org.eclipse.jetty.security.authentication.DigestAuthenticator;
23 import org.eclipse.jetty.security.authentication.FormAuthenticator;
24 import org.eclipse.jetty.security.authentication.DeferredAuthenticator;
25 import org.eclipse.jetty.security.authentication.SessionCachingAuthenticator;
26 import org.eclipse.jetty.server.Server;
27
28 /* ------------------------------------------------------------ */
29 /**
30 * The Default Authenticator Factory.
31 * Uses the {@link Configuration#getAuthMethod()} to select an {@link Authenticator} from: <ul>
32 * <li>{@link BasicAuthenticator}</li>
33 * <li>{@link DigestAuthenticator}</li>
34 * <li>{@link FormAuthenticator}</li>
35 * <li>{@link ClientCertAuthenticator}</li>
36 * </ul>
37 * If {@link Configuration#isLazy()} is true, the Authenticator is wrapped with a {@link DeferredAuthenticator}
38 * instance. The FormAuthenticator is always wrapped in a {@link SessionCachingAuthenticator}.
39 * <p>
40 * If a {@link LoginService} has not been set on this factory, then
41 * the service is selected by searching the {@link Server#getBeans(Class)} results for
42 * a service that matches the realm name, else the first LoginService found is used.
43 *
44 */
45 public class DefaultAuthenticatorFactory implements Authenticator.Factory
46 {
47 LoginService _loginService;
48
49 public Authenticator getAuthenticator(Server server, ServletContext context, Configuration configuration, IdentityService identityService, LoginService loginService)
50 {
51 String auth=configuration.getAuthMethod();
52 Authenticator authenticator=null;
53
54 if (auth==null || Constraint.__BASIC_AUTH.equalsIgnoreCase(auth))
55 authenticator=new BasicAuthenticator();
56 else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth))
57 authenticator=new DigestAuthenticator();
58 else if (Constraint.__FORM_AUTH.equalsIgnoreCase(auth))
59 authenticator=new SessionCachingAuthenticator(new FormAuthenticator());
60 if (Constraint.__CERT_AUTH.equalsIgnoreCase(auth)||Constraint.__CERT_AUTH2.equalsIgnoreCase(auth))
61 authenticator=new ClientCertAuthenticator();
62
63 if (configuration.isLazy() && authenticator!=null)
64 authenticator=new DeferredAuthenticator(authenticator);
65
66 return authenticator;
67 }
68
69
70 /* ------------------------------------------------------------ */
71 /**
72 * @return the loginService
73 */
74 public LoginService getLoginService()
75 {
76 return _loginService;
77 }
78
79 /* ------------------------------------------------------------ */
80 /**
81 * @param loginService the loginService to set
82 */
83 public void setLoginService(LoginService loginService)
84 {
85 _loginService = loginService;
86 }
87
88 }