public class X509AuthenticationScheme extends Object implements HttpAuthenticationScheme<X509AuthenticationConfiguration>
An implementation of HttpAuthenticationScheme that supports the Servlet Specification
CLIENT-CERT Authentication Scheme
When using this authentication scheme, the container must be properly configured to validate client certificates.
| Modifier and Type | Field and Description |
|---|---|
static String |
X509_CLIENT_CERT_REQUEST_ATTRIBUTE |
| Constructor and Description |
|---|
X509AuthenticationScheme() |
| Modifier and Type | Method and Description |
|---|---|
void |
challengeClient(HttpServletRequest request,
HttpServletResponse response)
Challenges the client if no credentials were supplied or the credentials were not extracted in order to continue
with the authentication.
|
void |
extractCredential(HttpServletRequest request,
DefaultLoginCredentials creds)
Extracts the credentials from the given
HttpServletRequest and populates the
DefaultLoginCredentials with them. |
void |
initialize(X509AuthenticationConfiguration config)
Called one time during initialization.
|
void |
onPostAuthentication(HttpServletRequest request,
HttpServletResponse response)
Performs any post-authentication logic regarding of the authentication result.
|
public static final String X509_CLIENT_CERT_REQUEST_ATTRIBUTE
public void initialize(X509AuthenticationConfiguration config)
HttpAuthenticationSchemeinitialize in interface HttpAuthenticationScheme<X509AuthenticationConfiguration>config - The configuration.public void extractCredential(HttpServletRequest request, DefaultLoginCredentials creds)
HttpAuthenticationSchemeHttpServletRequest and populates the
DefaultLoginCredentials with them. If the request is not an authentication attempt (as defined by the
implementation), then creds is not affected.extractCredential in interface HttpAuthenticationScheme<X509AuthenticationConfiguration>request - The current request, to examine for authentication information.creds - The credentials instance that will be populated with the credentials found in the request, if any.public void challengeClient(HttpServletRequest request, HttpServletResponse response)
HttpAuthenticationSchemechallengeClient in interface HttpAuthenticationScheme<X509AuthenticationConfiguration>request - The current request, which may be used to obtain a RequestDispatcher if needed.
If this method is called, the rest of the filter chain will not be processed, so
implementations are free to read the request body if they so choose.response - The current response, which can be used to send HTTP error results, redirects, or for sending
additional challenge headers.public void onPostAuthentication(HttpServletRequest request, HttpServletResponse response)
HttpAuthenticationSchemeonPostAuthentication in interface HttpAuthenticationScheme<X509AuthenticationConfiguration>request - The current request, which may be used to obtain a RequestDispatcher if needed.response - The current response, which can be used to send an HTTP response, or a redirect.Copyright © 2015. All rights reserved.