Re: [jetty-users] Composite Authenticator implementations?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [jetty-users] Composite Authenticator implementations?

From: John English <john.foreign@xxxxxxxxx>
Date: Fri, 1 Aug 2025 14:28:28 +0300
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/jetty-users/>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>
User-agent: Mozilla Thunderbird

On 01/08/2025 08:34, Rickard Öberg via jetty-users wrote:

Hi!
I want to support multiple ways to authenticate users, which may beclients(browsers) and other servers. For example: JWT token, Bearerheader, client certs, SSO cookie tokens. What is a good strategy fordoing this? Would it be possible to create a delegating Authenticatorwith all of the above as options? Has anyone done anything like this before?

I use a custom-built Authenticator class with an abstractdoAuthenticate() method, and derived classes (e.g. JNDIAuthenticator)which each use config parameters from web.xml to control the detailedbehaviour.


--
John English

--
This email has been checked for viruses by AVG antivirus software.
www.avg.com

References:
- [jetty-users] Composite Authenticator implementations?
  - From: Rickard Öberg

Prev by Date: [jetty-users] Composite Authenticator implementations?
Previous by thread: [jetty-users] Composite Authenticator implementations?
Index(es):
- Date
- Thread

Breadcrumbs