1 // ======================================================================== 2 // Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd. 3 // ------------------------------------------------------------------------ 4 // All rights reserved. This program and the accompanying materials 5 // are made available under the terms of the Eclipse Public License v1.0 6 // and Apache License v2.0 which accompanies this distribution. 7 // The Eclipse Public License is available at 8 // http://www.eclipse.org/legal/epl-v10.html 9 // The Apache License v2.0 is available at 10 // http://www.opensource.org/licenses/apache2.0.php 11 // You may elect to redistribute this code under either of these licenses. 12 // ======================================================================== 13 14 package org.eclipse.jetty.security; 15 16 import javax.servlet.ServletContext; 17 18 import org.eclipse.jetty.http.security.Constraint; 19 import org.eclipse.jetty.security.Authenticator.Configuration; 20 import org.eclipse.jetty.security.authentication.BasicAuthenticator; 21 import org.eclipse.jetty.security.authentication.ClientCertAuthenticator; 22 import org.eclipse.jetty.security.authentication.DigestAuthenticator; 23 import org.eclipse.jetty.security.authentication.FormAuthenticator; 24 import org.eclipse.jetty.server.Server; 25 26 /* ------------------------------------------------------------ */ 27 /** 28 * The Default Authenticator Factory. 29 * Uses the {@link Configuration#getAuthMethod()} to select an {@link Authenticator} from: <ul> 30 * <li>{@link org.eclipse.jetty.security.authentication.BasicAuthenticator}</li> 31 * <li>{@link org.eclipse.jetty.security.authentication.DigestAuthenticator}</li> 32 * <li>{@link org.eclipse.jetty.security.authentication.FormAuthenticator}</li> 33 * <li>{@link org.eclipse.jetty.security.authentication.ClientCertAuthenticator}</li> 34 * </ul> 35 * All authenticators derived from {@link org.eclipse.jetty.security.authentication.LoginAuthenticator} are 36 * wrapped with a {@link org.eclipse.jetty.security.authentication.DeferredAuthentication} 37 * instance, which is used if authentication is not mandatory. 38 * 39 * The Authentications from the {@link org.eclipse.jetty.security.authentication.FormAuthenticator} are always wrapped in a 40 * {@link org.eclipse.jetty.security.authentication.SessionAuthentication} 41 * <p> 42 * If a {@link LoginService} has not been set on this factory, then 43 * the service is selected by searching the {@link Server#getBeans(Class)} results for 44 * a service that matches the realm name, else the first LoginService found is used. 45 * 46 */ 47 public class DefaultAuthenticatorFactory implements Authenticator.Factory 48 { 49 LoginService _loginService; 50 51 public Authenticator getAuthenticator(Server server, ServletContext context, Configuration configuration, IdentityService identityService, LoginService loginService) 52 { 53 String auth=configuration.getAuthMethod(); 54 Authenticator authenticator=null; 55 56 if (auth==null || Constraint.__BASIC_AUTH.equalsIgnoreCase(auth)) 57 authenticator=new BasicAuthenticator(); 58 else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth)) 59 authenticator=new DigestAuthenticator(); 60 else if (Constraint.__FORM_AUTH.equalsIgnoreCase(auth)) 61 authenticator=new FormAuthenticator(); 62 if (Constraint.__CERT_AUTH.equalsIgnoreCase(auth)||Constraint.__CERT_AUTH2.equalsIgnoreCase(auth)) 63 authenticator=new ClientCertAuthenticator(); 64 65 return authenticator; 66 } 67 68 /* ------------------------------------------------------------ */ 69 /** 70 * @return the loginService 71 */ 72 public LoginService getLoginService() 73 { 74 return _loginService; 75 } 76 77 /* ------------------------------------------------------------ */ 78 /** 79 * @param loginService the loginService to set 80 */ 81 public void setLoginService(LoginService loginService) 82 { 83 _loginService = loginService; 84 } 85 86 }