Package io.undertow.security.impl
Class ClientCertAuthenticationMechanism
- java.lang.Object
-
- io.undertow.security.impl.ClientCertAuthenticationMechanism
-
- All Implemented Interfaces:
AuthenticationMechanism
public class ClientCertAuthenticationMechanism extends Object implements AuthenticationMechanism
The Client Cert based authentication mechanism.When authenticate is called the current request is checked to see if it a SSL request, this is further checked to identify if the client has been verified at the SSL level.
- Author:
- Darran Lofthouse
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classClientCertAuthenticationMechanism.Factory-
Nested classes/interfaces inherited from interface io.undertow.security.api.AuthenticationMechanism
AuthenticationMechanism.AuthenticationMechanismOutcome, AuthenticationMechanism.ChallengeResult
-
-
Field Summary
Fields Modifier and Type Field Description static AuthenticationMechanismFactoryFACTORYstatic StringFORCE_RENEGOTIATION
-
Constructor Summary
Constructors Constructor Description ClientCertAuthenticationMechanism()ClientCertAuthenticationMechanism(boolean forceRenegotiation)ClientCertAuthenticationMechanism(String mechanismName)ClientCertAuthenticationMechanism(String mechanismName, boolean forceRenegotiation)ClientCertAuthenticationMechanism(String mechanismName, boolean forceRenegotiation, IdentityManager identityManager)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AuthenticationMechanism.AuthenticationMechanismOutcomeauthenticate(HttpServerExchange exchange, SecurityContext securityContext)Perform authentication of the request.AuthenticationMechanism.ChallengeResultsendChallenge(HttpServerExchange exchange, SecurityContext securityContext)Send an authentication challenge to the remote client.
-
-
-
Field Detail
-
FACTORY
public static final AuthenticationMechanismFactory FACTORY
-
FORCE_RENEGOTIATION
public static final String FORCE_RENEGOTIATION
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
ClientCertAuthenticationMechanism
public ClientCertAuthenticationMechanism()
-
ClientCertAuthenticationMechanism
public ClientCertAuthenticationMechanism(boolean forceRenegotiation)
-
ClientCertAuthenticationMechanism
public ClientCertAuthenticationMechanism(String mechanismName)
-
ClientCertAuthenticationMechanism
public ClientCertAuthenticationMechanism(String mechanismName, boolean forceRenegotiation)
-
ClientCertAuthenticationMechanism
public ClientCertAuthenticationMechanism(String mechanismName, boolean forceRenegotiation, IdentityManager identityManager)
-
-
Method Detail
-
authenticate
public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext)
Description copied from interface:AuthenticationMechanismPerform authentication of the request. Any potentially blocking work should be performed in the handoff executor provided- Specified by:
authenticatein interfaceAuthenticationMechanism- Parameters:
exchange- The exchange- Returns:
-
sendChallenge
public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext)
Description copied from interface:AuthenticationMechanismSend an authentication challenge to the remote client.The individual mechanisms should update the response headers and body of the message as appropriate however they should not set the response code, instead that should be indicated in the
AuthenticationMechanism.ChallengeResultand the most appropriate overall response code will be selected. This method should not returnnull.- Specified by:
sendChallengein interfaceAuthenticationMechanism- Parameters:
exchange- The exchangesecurityContext- The security context- Returns:
- A
AuthenticationMechanism.ChallengeResultindicating if a challenge was sent and the desired response code.
-
-