Class SSLAuthenticator

    • Constructor Detail

      • SSLAuthenticator

        public SSLAuthenticator()
    • Method Detail

      • doAuthenticate

        protected boolean doAuthenticate​(Request request,
                                         HttpServletResponse response)
                                  throws IOException
        Authenticate the user by checking for the existence of a certificate chain, validating it against the trust manager for the connector and then validating the user's identity against the configured Realm.
        Specified by:
        doAuthenticate in class AuthenticatorBase
        Parameters:
        request - Request we are processing
        response - Response we are creating
        Returns:
        true if the the user was authenticated, otherwise false, in which case an authentication challenge will have been written to the response
        Throws:
        IOException - if an input/output error occurs
      • getAuthMethod

        protected String getAuthMethod()
        Description copied from class: AuthenticatorBase
        Return the authentication method, which is vendor-specific and not defined by HttpServletRequest.
        Specified by:
        getAuthMethod in class AuthenticatorBase
        Returns:
        the authentication method, which is vendor-specific and not defined by HttpServletRequest.
      • isPreemptiveAuthPossible

        protected boolean isPreemptiveAuthPossible​(Request request)
        Description copied from class: AuthenticatorBase
        Can the authenticator perform preemptive authentication for the given request?
        Overrides:
        isPreemptiveAuthPossible in class AuthenticatorBase
        Parameters:
        request - The request to check for credentials
        Returns:
        true if preemptive authentication is possible, otherwise false
      • getRequestCertificates

        protected X509Certificate[] getRequestCertificates​(Request request)
                                                    throws IllegalStateException
        Look for the X509 certificate chain in the Request under the key jakarta.servlet.request.X509Certificate. If not found, trigger extracting the certificate chain from the Coyote request.
        Parameters:
        request - Request to be processed
        Returns:
        The X509 certificate chain if found, null otherwise.
        Throws:
        IllegalStateException