Package org.restlet.security

Class Authenticator

  • All Implemented Interfaces:
    Uniform
    Direct Known Subclasses:
    CertificateAuthenticator, ChallengeAuthenticator
    public abstract class Authenticator
extends Filter
    Filter authenticating the client sending the inbound request. Its main role is to inspect various credentials provided by the client and to add related application roles to the request's ClientInfo property.
    Author:
    Jerome Louvel

    • Constructor Detail

      • Authenticator

        public Authenticator​(Context context,
                     boolean optional)
        Constructor using the context's default enroler.
        Parameters:
        context - The context.
        optional - Indicates if the authenticator is not required to succeed.
        See Also:
        Authenticator(Context, boolean, Enroler)

      • Authenticator

        public Authenticator​(Context context,
                     boolean multiAuthenticating,
                     boolean optional,
                     Enroler enroler)
        Constructor.
        Parameters:
        context - The context.
        multiAuthenticating - Indicates if the authenticator should attempt to authenticate an already authenticated client.
        optional - Indicates if the authenticator is not required to succeed.
        enroler - The enroler to invoke upon successful authentication.

      • Authenticator

        public Authenticator​(Context context,
                     boolean optional,
                     Enroler enroler)
        Constructor.
        Parameters:
        context - The context.
        optional - Indicates if the authenticator is not required to succeed.
        enroler - The enroler to invoke upon successful authentication.

    • Method Detail

      • authenticate

        protected abstract boolean authenticate​(Request request,
                                        Response response)
        Attempts to authenticate the subject sending the request.
        Parameters:
        request - The request sent.
        response - The response to update.
        Returns:
        True if the authentication succeeded.

      • authenticated

        protected int authenticated​(Request request,
                            Response response)
        Invoked upon successful authentication. By default, it updates the request's clientInfo and challengeResponse "authenticated" properties, clears the existing challenge requests on the response, calls the enroler and finally returns Filter.CONTINUE.
        Parameters:
        request - The request sent.
        response - The response to update.
        Returns:
        The filter continuation code.

      • getEnroler

        public Enroler getEnroler()
        Returns the enroler invoked upon successful authentication to update the subject with new principals. Typically new Role are added based on the available User instances available.
        Returns:
        The enroler invoked upon successful authentication

      • isMultiAuthenticating

        public boolean isMultiAuthenticating()
        Indicates if the authenticator should attempt to authenticate an already authenticated client. The client is considered authenticated if ClientInfo.isAuthenticated() returns true. By default, it is set to true.
        Returns:
        True if the authenticator should attempt to authenticate an already authenticated client.

      • isOptional

        public boolean isOptional()
        Indicates if the authenticator is not required to succeed. In those cases, the attached Restlet is invoked. Note that authentication will be attempted independently of this property unless the client is already authenticated and the isMultiAuthenticating() prevents multiple authentications.
        Returns:
        True if the authentication success is optional.

      • setEnroler

        public void setEnroler​(Enroler enroler)
        Sets the enroler invoked upon successful authentication.
        Parameters:
        enroler - The enroler invoked upon successful authentication.

      • setMultiAuthenticating

        public void setMultiAuthenticating​(boolean multiAuthenticating)
        Indicates if the authenticator should attempt to authenticate an already authenticated client. The client is considered authenticated if ClientInfo.isAuthenticated() returns true. By default, it is set to true.
        Parameters:
        multiAuthenticating - True if the authenticator should attempt to authenticate an already authenticated client.

      • setOptional

        public void setOptional​(boolean optional)
        Indicates if the authenticator is not required to succeed. In those cases, the attached Restlet is invoked. Note that authentication will be attempted independently of this property unless the client is already authenticated and the isMultiAuthenticating() prevents multiple authentications.
        Parameters:
        optional - True if the authentication success is optional.

      • unauthenticated

        protected int unauthenticated​(Request request,
                              Response response)
        Invoked upon failed authentication. By default, it updates the request's clientInfo and challengeResponse "authenticated" properties, and returns Filter.STOP.
        Parameters:
        request - The request sent.
        response - The response to update.
        Returns:
        The filter continuation code.