org.eclipse.jetty.security

接口 Authenticator

所有已知实现类:

BasicAuthenticator, ClientCertAuthenticator, DigestAuthenticator, FormAuthenticator, LoginAuthenticator, SpnegoAuthenticator

public interface Authenticator

Authenticator Interface

An Authenticator is responsible for checking requests and sending response challenges in order to authenticate a request. Various types of Authentication are returned in order to signal the next step in authentication.

版本:

$Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $

嵌套类概要

嵌套类

限定符和类型	接口和说明
static interface	Authenticator.AuthConfiguration Authenticator Configuration
static interface	Authenticator.Factory Authenticator Factory

方法概要

限定符和类型	方法和说明
String	getAuthMethod()
void	prepareRequest(javax.servlet.ServletRequest request) Called prior to validateRequest.
boolean	secureResponse(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, boolean mandatory, org.eclipse.jetty.server.Authentication.User validatedUser) is response secure
void	setConfiguration(Authenticator.AuthConfiguration configuration) Configure the Authenticator
org.eclipse.jetty.server.Authentication	validateRequest(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, boolean mandatory) Validate a request

方法详细资料

setConfiguration

void setConfiguration(Authenticator.AuthConfiguration configuration)

Configure the Authenticator

参数:

configuration - the configuration

getAuthMethod

String getAuthMethod()

返回:

The name of the authentication method

prepareRequest

void prepareRequest(javax.servlet.ServletRequest request)

Called prior to validateRequest. The authenticator can manipulate the request to update it with information that can be inspected prior to validateRequest being called. The primary purpose of this method is to satisfy the Servlet Spec 3.1 section 13.6.3 on handling Form authentication where the http method of the original request causing authentication is not the same as the http method resulting from the redirect after authentication.

参数:

request - the request to manipulate

validateRequest

org.eclipse.jetty.server.Authentication validateRequest(javax.servlet.ServletRequest request,
                                                        javax.servlet.ServletResponse response,
                                                        boolean mandatory)
                                                 throws ServerAuthException

Validate a request

参数:

request - The request

response - The response

mandatory - True if authentication is mandatory.

返回:

An Authentication. If Authentication is successful, this will be a Authentication.User. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implement Authentication.ResponseSent. If Authentication is not manditory, then a Authentication.Deferred may be returned.

抛出:

ServerAuthException - if unable to validate request

secureResponse

boolean secureResponse(javax.servlet.ServletRequest request,
                       javax.servlet.ServletResponse response,
                       boolean mandatory,
                       org.eclipse.jetty.server.Authentication.User validatedUser)
                throws ServerAuthException

is response secure

参数:

request - the request

response - the response

mandatory - if security is mandator

validatedUser - the user that was validated

返回:

true if response is secure

抛出:

ServerAuthException - if unable to test response