DefaultAuthenticatorFactory xref

View Javadoc

1   // ========================================================================
2   // Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // All rights reserved. This program and the accompanying materials
5   // are made available under the terms of the Eclipse Public License v1.0
6   // and Apache License v2.0 which accompanies this distribution.
7   // The Eclipse Public License is available at 
8   // http://www.eclipse.org/legal/epl-v10.html
9   // The Apache License v2.0 is available at
10  // http://www.opensource.org/licenses/apache2.0.php
11  // You may elect to redistribute this code under either of these licenses. 
12  // ========================================================================
13  
14  package org.eclipse.jetty.security;
15  
16  import javax.servlet.ServletContext;
17  
18  import org.eclipse.jetty.http.security.Constraint;
19  import org.eclipse.jetty.security.Authenticator.Configuration;
20  import org.eclipse.jetty.security.authentication.BasicAuthenticator;
21  import org.eclipse.jetty.security.authentication.ClientCertAuthenticator;
22  import org.eclipse.jetty.security.authentication.DigestAuthenticator;
23  import org.eclipse.jetty.security.authentication.FormAuthenticator;
24  import org.eclipse.jetty.server.Server;
25  
26  /* ------------------------------------------------------------ */
27  /**
28   * The Default Authenticator Factory.
29   * Uses the {@link Configuration#getAuthMethod()} to select an {@link Authenticator} from: <ul>
30   * <li>{@link BasicAuthenticator}</li>
31   * <li>{@link DigestAuthenticator}</li>
32   * <li>{@link FormAuthenticator}</li>
33   * <li>{@link ClientCertAuthenticator}</li>
34   * </ul>
35   * If {@link Configuration#isLazy()} is true, the Authenticator is wrapped with a {@link DeferredAuthenticator}
36   * instance. The FormAuthenticator is always wrapped in a {@link SessionCachingAuthenticator}.
37   * <p>
38   * If a {@link LoginService} has not been set on this factory, then
39   * the service is selected by searching the {@link Server#getBeans(Class)} results for
40   * a service that matches the realm name, else the first LoginService found is used.
41   *
42   */
43  public class DefaultAuthenticatorFactory implements Authenticator.Factory
44  {
45      LoginService _loginService;
46      
47      public Authenticator getAuthenticator(Server server, ServletContext context, Configuration configuration, IdentityService identityService, LoginService loginService)
48      {
49          String auth=configuration.getAuthMethod();
50          Authenticator authenticator=null;
51          
52          if (auth==null || Constraint.__BASIC_AUTH.equalsIgnoreCase(auth))
53              authenticator=new BasicAuthenticator();
54          else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth))
55              authenticator=new DigestAuthenticator();
56          else if (Constraint.__FORM_AUTH.equalsIgnoreCase(auth))
57              authenticator=new FormAuthenticator();
58          if (Constraint.__CERT_AUTH.equalsIgnoreCase(auth)||Constraint.__CERT_AUTH2.equalsIgnoreCase(auth))
59              authenticator=new ClientCertAuthenticator();
60          
61          return authenticator;
62      }
63     
64  
65      /* ------------------------------------------------------------ */
66      /**
67       * @return the loginService
68       */
69      public LoginService getLoginService()
70      {
71          return _loginService;
72      }
73  
74      /* ------------------------------------------------------------ */
75      /**
76       * @param loginService the loginService to set
77       */
78      public void setLoginService(LoginService loginService)
79      {
80          _loginService = loginService;
81      }
82  
83  }