Package io.hawt.system

Class Authenticator

java.lang.Object

io.hawt.system.Authenticator

public class Authenticator
extends Object

Authenticator performs authentication using JAAS with the LoginContext for the chosen realm.

Authenticator supports the following authentication methods:

• a set of user name and password
• client certificates

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ATTRIBUTE_X509_CERTIFICATE
static final String	AUTHENTICATION_SCHEME_BASIC
static final String	AUTHENTICATION_SCHEME_BEARER
static final String	HEADER_AUTHORIZATION

Constructor Summary

Constructors

Constructor	Description
Authenticator(jakarta.servlet.http.HttpServletRequest request, AuthenticationConfiguration authConfiguration)	Request-based authenticator such as when authenticating direct Jolokia accesses.
Authenticator(jakarta.servlet.http.HttpServletRequest request, AuthenticationConfiguration authConfiguration, String username, String password)	Explicit username/password authenticator when authenticating users from login page.

Method Summary

Modifier and Type	Method	Description
AuthenticateResult	authenticate(Consumer<Subject> callback)
protected boolean	checkRoles(Subject subject, String role, String rolePrincipalClasses)
protected Subject	doAuthenticate()
static void	extractAuthHeader(jakarta.servlet.http.HttpServletRequest request, BiConsumer<String,String> callback)	Extracts username/password from Authorization header.
boolean	hasNoCredentials()
boolean	isUsernamePasswordSet()
protected void	login(Subject subject, String realm, Configuration configuration)
static void	logout(AuthenticationConfiguration authConfiguration, Subject subject)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

HEADER_AUTHORIZATION

public static final String HEADER_AUTHORIZATION

See Also:

• Constant Field Values

AUTHENTICATION_SCHEME_BASIC

public static final String AUTHENTICATION_SCHEME_BASIC

See Also:

• Constant Field Values

AUTHENTICATION_SCHEME_BEARER

public static final String AUTHENTICATION_SCHEME_BEARER

See Also:

• Constant Field Values

ATTRIBUTE_X509_CERTIFICATE

public static final String ATTRIBUTE_X509_CERTIFICATE

See Also:

• Constant Field Values

Constructor Details

Authenticator

public Authenticator(jakarta.servlet.http.HttpServletRequest request,
 AuthenticationConfiguration authConfiguration,
 String username,
 String password)

Explicit username/password authenticator when authenticating users from login page.

Authenticator

public Authenticator(jakarta.servlet.http.HttpServletRequest request,
 AuthenticationConfiguration authConfiguration)

Request-based authenticator such as when authenticating direct Jolokia accesses.

Method Details

extractAuthHeader

public static void extractAuthHeader(jakarta.servlet.http.HttpServletRequest request,
 BiConsumer<String,String> callback)

Extracts username/password from Authorization header. Callback is invoked only when Authorization header is present.

isUsernamePasswordSet

public boolean isUsernamePasswordSet()

hasNoCredentials

public boolean hasNoCredentials()

logout

public static void logout(AuthenticationConfiguration authConfiguration,
 Subject subject)

authenticate

public AuthenticateResult authenticate(Consumer<Subject> callback)

doAuthenticate

protected Subject doAuthenticate()

login

protected void login(Subject subject,
 String realm,
 Configuration configuration)
              throws LoginException

Throws:

LoginException

checkRoles

protected boolean checkRoles(Subject subject,
 String role,
 String rolePrincipalClasses)