Class HttpAuthenticator


  • public class HttpAuthenticator
    extends Object
    A HTTP based authenticator responsible for performing the authentication of the current request based on the policies of the associated SecurityDomain.
    Author:
    Darran Lofthouse
    • Field Detail

      • MY_AUTHENTICATED_IDENTITY_KEY

        private static final String MY_AUTHENTICATED_IDENTITY_KEY
      • required

        private final boolean required
      • ignoreOptionalFailures

        private final boolean ignoreOptionalFailures
      • programmaticMechanismName

        private final String programmaticMechanismName
      • authenticated

        private volatile boolean authenticated
    • Method Detail

      • authenticate

        public boolean authenticate()
                             throws HttpAuthenticationException
        Perform authentication for the request.
        Returns:
        true if the call should be allowed to continue within the web server, false if the call should be returning to the client.
        Throws:
        HttpAuthenticationException
      • isAuthenticated

        private boolean isAuthenticated()
      • login

        public SecurityIdentity login​(String username,
                                      String password)
        Perform a login for the supplied username and password using the pre-configured mechanism name.
        Parameters:
        username - the username to use for authentication.
        password - the password to use for authentication.
        Returns:
        A SecurityIdentity is authentication and authorization is successful.
      • login

        private SecurityIdentity login​(String username,
                                       Evidence evidence,
                                       String mechanismName)
        Perform a login for the supplied username and password using the specified mechanism name.
        Parameters:
        username - the username to use for authentication.
        evidence - the evidence to use for authentication.
        Returns:
        A SecurityIdentity is authentication and authorization is successful.
      • restoreIdentity

        private boolean restoreIdentity()
      • getOrCreateIdentityCache

        private IdentityCache getOrCreateIdentityCache()
      • getAttachableSessionScope

        private HttpScope getAttachableSessionScope​(boolean createSession)
      • builder

        public static HttpAuthenticator.Builder builder()
        Construct and return a new Builder to configure and create an instance of HttpAuthenticator.
        Returns:
        a new Builder to configure and create an instance of HttpAuthenticator.