public class ConfigurableSpnegoAuthenticator extends LoginAuthenticator
A LoginAuthenticator that uses SPNEGO and the GSS API to authenticate requests.
A successful authentication from a client is cached for a configurable
duration
using the HTTP session; this avoids
that the client is asked to authenticate for every request.
ConfigurableSpnegoLoginService
Authenticator.AuthConfiguration, Authenticator.Factory
_identityService, _loginService
Constructor and Description |
---|
ConfigurableSpnegoAuthenticator() |
ConfigurableSpnegoAuthenticator(java.lang.String authMethod)
Allow for a custom authMethod value to be set for instances where SPNEGO may not be appropriate
|
Modifier and Type | Method and Description |
---|---|
java.time.Duration |
getAuthenticationDuration() |
java.lang.String |
getAuthMethod() |
boolean |
secureResponse(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
boolean mandatory,
Authentication.User validatedUser)
is response secure
|
void |
setAuthenticationDuration(java.time.Duration authenticationDuration)
Sets the duration of the authentication.
|
Authentication |
validateRequest(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res,
boolean mandatory)
Validate a request
|
getLoginService, login, prepareRequest, renewSession, setConfiguration
public ConfigurableSpnegoAuthenticator()
public ConfigurableSpnegoAuthenticator(java.lang.String authMethod)
authMethod
- the auth methodpublic java.lang.String getAuthMethod()
public java.time.Duration getAuthenticationDuration()
public void setAuthenticationDuration(java.time.Duration authenticationDuration)
Sets the duration of the authentication.
A negative duration means that the authentication is only valid for the current request.
A zero duration means that the authentication is valid forever.
A positive value means that the authentication is valid for the specified duration.
authenticationDuration
- the authentication durationpublic Authentication validateRequest(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, boolean mandatory) throws ServerAuthException
Authenticator
req
- The requestres
- The responsemandatory
- True if authentication is mandatory.Authentication.User
. If a response has
been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will
implement Authentication.ResponseSent
. If Authentication is not manditory, then a
Authentication.Deferred
may be returned.ServerAuthException
- if unable to validate requestpublic boolean secureResponse(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, boolean mandatory, Authentication.User validatedUser)
Authenticator
request
- the requestresponse
- the responsemandatory
- if security is mandatorvalidatedUser
- the user that was validatedCopyright © 1995–2023 Webtide. All rights reserved.