Package org.apache.catalina.authenticator

Class SSLAuthenticator

java.lang.Object

org.apache.catalina.util.LifecycleBase

org.apache.catalina.util.LifecycleMBeanBase

org.apache.catalina.valves.ValveBase

org.apache.catalina.authenticator.AuthenticatorBase

org.apache.catalina.authenticator.SSLAuthenticator

All Implemented Interfaces:

javax.management.MBeanRegistration, javax.security.auth.message.config.RegistrationListener, Authenticator, Contained, JmxEnabled, Lifecycle, Valve

public class SSLAuthenticator
extends AuthenticatorBase

An Authenticator and Valve implementation of authentication that utilizes SSL certificates to identify client users.

Author:

Craig R. McClanahan

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle

Lifecycle.SingleUse

Field Summary

Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase

alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, jaspicCallbackHandlerClass, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sessionIdGenerator, sm, sso

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase

mserver

Fields inherited from class org.apache.catalina.valves.ValveBase

asyncSupported, container, containerLog, next

Constructor Summary

Constructors

Constructor	Description
SSLAuthenticator()

Method Summary

Modifier and Type	Method	Description
protected boolean	doAuthenticate(Request request, HttpServletResponse response)	Authenticate the user by checking for the existence of a certificate chain, validating it against the trust manager for the connector and then validating the user's identity against the configured Realm.
protected java.lang.String	getAuthMethod()

Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase

associate, authenticate, checkForCachedAuthentication, doLogin, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getJaspicCallbackHandlerClass, getRealmName, getRequestCertificates, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, isContinuationRequired, login, logout, notify, reauthenticateFromSSO, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setJaspicCallbackHandlerClass, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, startInternal, stopInternal

Methods inherited from class org.apache.catalina.util.LifecycleBase

addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase

destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from class org.apache.catalina.valves.ValveBase

backgroundProcess, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toString

Constructor Detail

SSLAuthenticator

public SSLAuthenticator()

Method Detail

doAuthenticate

protected boolean doAuthenticate(Request request,
                                 HttpServletResponse response)
                          throws java.io.IOException

Authenticate the user by checking for the existence of a certificate chain, validating it against the trust manager for the connector and then validating the user's identity against the configured Realm.

Specified by:

doAuthenticate in class AuthenticatorBase

Parameters:

request - Request we are processing

response - Response we are creating

Returns:

true if the the user was authenticated, otherwise false, in which case an authentication challenge will have been written to the response

Throws:

java.io.IOException - if an input/output error occurs

getAuthMethod

protected java.lang.String getAuthMethod()

Specified by:

getAuthMethod in class AuthenticatorBase