org.eclipse.jetty.security.DefaultAuthenticatorFactory Maven / Gradle / Ivy
Show all versions of aem-sdk-api Show documentation
//
// ========================================================================
// Copyright (c) 1995-2022 Mort Bay Consulting Pty Ltd and others.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.security;
import javax.servlet.ServletContext;
import org.eclipse.jetty.security.Authenticator.AuthConfiguration;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.security.authentication.ClientCertAuthenticator;
import org.eclipse.jetty.security.authentication.DigestAuthenticator;
import org.eclipse.jetty.security.authentication.FormAuthenticator;
import org.eclipse.jetty.security.authentication.SpnegoAuthenticator;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.util.security.Constraint;
/**
* The Default Authenticator Factory.
* Uses the {@link AuthConfiguration#getAuthMethod()} to select an {@link Authenticator} from:
* - {@link org.eclipse.jetty.security.authentication.BasicAuthenticator}
* - {@link org.eclipse.jetty.security.authentication.DigestAuthenticator}
* - {@link org.eclipse.jetty.security.authentication.FormAuthenticator}
* - {@link org.eclipse.jetty.security.authentication.ClientCertAuthenticator}
*
* All authenticators derived from {@link org.eclipse.jetty.security.authentication.LoginAuthenticator} are
* wrapped with a {@link org.eclipse.jetty.security.authentication.DeferredAuthentication}
* instance, which is used if authentication is not mandatory.
*
* The Authentications from the {@link org.eclipse.jetty.security.authentication.FormAuthenticator} are always wrapped in a
* {@link org.eclipse.jetty.security.authentication.SessionAuthentication}
*
* If a {@link LoginService} has not been set on this factory, then
* the service is selected by searching the {@link Server#getBeans(Class)} results for
* a service that matches the realm name, else the first LoginService found is used.
*
* @deprecated The Eclipse Jetty and Apache Felix Http Jetty packages are no longer supported.
*/
@Deprecated(since = "2021-05-27")
public class DefaultAuthenticatorFactory implements Authenticator.Factory {
LoginService _loginService;
@Override
public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService) {
String auth = configuration.getAuthMethod();
Authenticator authenticator = null;
if (Constraint.__BASIC_AUTH.equalsIgnoreCase(auth))
authenticator = new BasicAuthenticator();
else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth))
authenticator = new DigestAuthenticator();
else if (Constraint.__FORM_AUTH.equalsIgnoreCase(auth))
authenticator = new FormAuthenticator();
else if (Constraint.__SPNEGO_AUTH.equalsIgnoreCase(auth))
authenticator = new SpnegoAuthenticator();
else if (// see Bug #377076
Constraint.__NEGOTIATE_AUTH.equalsIgnoreCase(auth))
authenticator = new SpnegoAuthenticator(Constraint.__NEGOTIATE_AUTH);
if (Constraint.__CERT_AUTH.equalsIgnoreCase(auth) || Constraint.__CERT_AUTH2.equalsIgnoreCase(auth))
authenticator = new ClientCertAuthenticator();
return authenticator;
}
/**
* @return the loginService
*/
public LoginService getLoginService() {
return _loginService;
}
/**
* @param loginService the loginService to set
*/
public void setLoginService(LoginService loginService) {
_loginService = loginService;
}
}