Class SslClientCertAuthenticator

  • All Implemented Interfaces:
    Authenticator

    public class SslClientCertAuthenticator
    extends LoginAuthenticator
    CLIENT-CERT authenticator.

    This Authenticator implements client certificate authentication. The client certificates available in the request will be verified against the configured SslContextFactory instance

    • Constructor Detail

      • SslClientCertAuthenticator

        public SslClientCertAuthenticator​(SslContextFactory sslContextFactory)
    • Method Detail

      • getAuthMethod

        public java.lang.String getAuthMethod()
        Returns:
        The name of the authentication method
      • validateRequest

        public Authentication validateRequest​(javax.servlet.ServletRequest req,
                                              javax.servlet.ServletResponse res,
                                              boolean mandatory)
                                       throws ServerAuthException
        Description copied from interface: Authenticator
        Validate a request
        Parameters:
        req - The request
        res - The response
        mandatory - True if authentication is mandatory.
        Returns:
        An Authentication. If Authentication is successful, this will be a Authentication.User. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implement Authentication.ResponseSent. If Authentication is not mandatory, then a Authentication.Deferred may be returned.
        Throws:
        ServerAuthException - if unable to validate request
      • secureResponse

        public boolean secureResponse​(javax.servlet.ServletRequest req,
                                      javax.servlet.ServletResponse res,
                                      boolean mandatory,
                                      Authentication.User validatedUser)
                               throws ServerAuthException
        Description copied from interface: Authenticator
        is response secure
        Parameters:
        req - the request
        res - the response
        mandatory - if security is mandator
        validatedUser - the user that was validated
        Returns:
        true if response is secure
        Throws:
        ServerAuthException - if unable to test response
      • isValidateCerts

        public boolean isValidateCerts()
        Returns:
        true if SSL certificate has to be validated.
      • setValidateCerts

        public void setValidateCerts​(boolean validateCerts)
        Parameters:
        validateCerts - true if SSL certificates have to be validated.