org.eclipse.jetty.security
Interface Authenticator

All Known Implementing Classes:
BasicAuthenticator, ClientCertAuthenticator, DigestAuthenticator, FormAuthenticator, JaspiAuthenticator, LoginAuthenticator, SpnegoAuthenticator

public interface Authenticator

Authenticator Interface

An Authenticator is responsible for checking requests and sending response challenges in order to authenticate a request. Various types of Authentication are returned in order to signal the next step in authentication.

Version:
$Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $

Nested Class Summary
static interface Authenticator.AuthConfiguration
          Authenticator Configuration
static interface Authenticator.Factory
          Authenticator Factory
 
Method Summary
 String getAuthMethod()
           
 boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, Authentication.User validatedUser)
           
 void setConfiguration(Authenticator.AuthConfiguration configuration)
          Configure the Authenticator
 Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory)
          Validate a response
 

Method Detail

setConfiguration

void setConfiguration(Authenticator.AuthConfiguration configuration)
Configure the Authenticator

Parameters:
configuration -

getAuthMethod

String getAuthMethod()
Returns:
The name of the authentication method

validateRequest

Authentication validateRequest(ServletRequest request,
                               ServletResponse response,
                               boolean mandatory)
                               throws ServerAuthException
Validate a response

Parameters:
request - The request
response - The response
mandatory - True if authentication is mandatory.
Returns:
An Authentication. If Authentication is successful, this will be a Authentication.User. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implement Authentication.ResponseSent. If Authentication is not manditory, then a Authentication.Deferred may be returned.
Throws:
ServerAuthException

secureResponse

boolean secureResponse(ServletRequest request,
                       ServletResponse response,
                       boolean mandatory,
                       Authentication.User validatedUser)
                       throws ServerAuthException
Parameters:
request -
response -
mandatory -
validatedUser -
Returns:
true if response is secure
Throws:
ServerAuthException


Copyright © 1995-2011 Mort Bay Consulting. All Rights Reserved.