Package io.hawt.system

Class Authenticator

  • public class Authenticator
extends java.lang.Object
    Authenticator performs authentication using JAAS with the LoginContext for the chosen realm.

    Authenticator supports the following authentication methods:

    • a set of user name and password
    • client certificates

    • Field Detail

      • HEADER_AUTHORIZATION

        public static final java.lang.String HEADER_AUTHORIZATION
        See Also:
        Constant Field Values

      • AUTHENTICATION_SCHEME_BASIC

        public static final java.lang.String AUTHENTICATION_SCHEME_BASIC
        See Also:
        Constant Field Values

      • AUTHENTICATION_SCHEME_BEARER

        public static final java.lang.String AUTHENTICATION_SCHEME_BEARER
        See Also:
        Constant Field Values

      • ATTRIBUTE_X509_CERTIFICATE

        public static final java.lang.String ATTRIBUTE_X509_CERTIFICATE
        See Also:
        Constant Field Values

    • Constructor Detail

      • Authenticator

        public Authenticator​(javax.servlet.http.HttpServletRequest request,
                     AuthenticationConfiguration authConfiguration,
                     java.lang.String username,
                     java.lang.String password)
        Explicit username/password authenticator when authenticating users from login page.

      • Authenticator

        public Authenticator​(javax.servlet.http.HttpServletRequest request,
                     AuthenticationConfiguration authConfiguration)
        Request-based authenticator such as when authenticating direct Jolokia accesses.

    • Method Detail

      • extractAuthHeader

        public static void extractAuthHeader​(javax.servlet.http.HttpServletRequest request,
                                     java.util.function.BiConsumer<java.lang.String,​java.lang.String> callback)
        Extracts username/password from Authorization header. Callback is invoked only when Authorization header is present.

      • isUsernamePasswordSet

        public boolean isUsernamePasswordSet()

      • hasNoCredentials

        public boolean hasNoCredentials()

      • authenticate

        public AuthenticateResult authenticate​(java.util.function.Consumer<javax.security.auth.Subject> callback)

      • doAuthenticate

        protected javax.security.auth.Subject doAuthenticate()

      • initSubject

        protected javax.security.auth.Subject initSubject()

      • login

        protected void login​(javax.security.auth.Subject subject,
                     java.lang.String realm,
                     javax.security.auth.login.Configuration configuration)
              throws javax.security.auth.login.LoginException
        Throws:
        javax.security.auth.login.LoginException

      • checkRoles

        protected boolean checkRoles​(javax.security.auth.Subject subject,
                             java.lang.String role,
                             java.lang.String rolePrincipalClasses)