2.3.2. Multiple Authenticator Support
If your application requires multiple authentication methods, you can use multiple
Authenticator
implementations and decide which one should be used depending on some decision logic. For that, use a producer method annotated with @PicketLink
to produce the desired Authenticator
:
@RequestScoped @Named public class AuthenticatorSelector { @Inject Instance<CustomAuthenticator> customAuthenticator; @Inject Instance<IdmAuthenticator> idmAuthenticator; private String authenticator; public String getAuthenticator() { return authenticator; } public void setAuthenticator(String authenticator) { this.authenticator = authenticator; } @Produces @PicketLink public Authenticator selectAuthenticator() { if ("custom".equals(authenticator)) { return customAuthenticator.get(); } else { return idmAuthenticator.get(); } } }
This
@Named
bean exposes an authenticationSelector.authenticator
property that can be set by a user interface control in the view layer. If its value is set to "custom" then CustomAuthenticator
will be used, otherwise IdmAuthenticator
(the Authenticator
used to authenticate using the Identity Management API) will be used instead. Another good example is when you need to choose the Authenticator
based on a request header or parameter value.