1 //
2 //  ========================================================================
3 //  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4 //  ------------------------------------------------------------------------
5 //  All rights reserved. This program and the accompanying materials
6 //  are made available under the terms of the Eclipse Public License v1.0
7 //  and Apache License v2.0 which accompanies this distribution.
8 //
9 //      The Eclipse Public License is available at
10 //      http://www.eclipse.org/legal/epl-v10.html
11 //
12 //      The Apache License v2.0 is available at
13 //      http://www.opensource.org/licenses/apache2.0.php
14 //
15 //  You may elect to redistribute this code under either of these licenses.
16 //  ========================================================================
17 //
18 
19 package org.eclipse.jetty.security;
20 
21 import javax.servlet.ServletContext;
22 
23 import org.eclipse.jetty.security.Authenticator.AuthConfiguration;
24 import org.eclipse.jetty.security.authentication.BasicAuthenticator;
25 import org.eclipse.jetty.security.authentication.ClientCertAuthenticator;
26 import org.eclipse.jetty.security.authentication.DigestAuthenticator;
27 import org.eclipse.jetty.security.authentication.FormAuthenticator;
28 import org.eclipse.jetty.security.authentication.SpnegoAuthenticator;
29 import org.eclipse.jetty.server.Server;
30 import org.eclipse.jetty.util.security.Constraint;
31 
32 /* ------------------------------------------------------------ */
33 /**
34  * The Default Authenticator Factory.
35  * Uses the {@link AuthConfiguration#getAuthMethod()} to select an {@link Authenticator} from: <ul>
36  * <li>{@link org.eclipse.jetty.security.authentication.BasicAuthenticator}</li>
37  * <li>{@link org.eclipse.jetty.security.authentication.DigestAuthenticator}</li>
38  * <li>{@link org.eclipse.jetty.security.authentication.FormAuthenticator}</li>
39  * <li>{@link org.eclipse.jetty.security.authentication.ClientCertAuthenticator}</li>
40  * </ul>
41  * All authenticators derived from {@link org.eclipse.jetty.security.authentication.LoginAuthenticator} are
42  * wrapped with a {@link org.eclipse.jetty.security.authentication.DeferredAuthentication}
43  * instance, which is used if authentication is not mandatory.
44  *
45  * The Authentications from the {@link org.eclipse.jetty.security.authentication.FormAuthenticator} are always wrapped in a
46  * {@link org.eclipse.jetty.security.authentication.SessionAuthentication}
47  * <p>
48  * If a {@link LoginService} has not been set on this factory, then
49  * the service is selected by searching the {@link Server#getBeans(Class)} results for
50  * a service that matches the realm name, else the first LoginService found is used.
51  *
52  */
53 public class DefaultAuthenticatorFactory implements Authenticator.Factory
54 {
55     LoginService _loginService;
56 
getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService)57     public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService)
58     {
59         String auth=configuration.getAuthMethod();
60         Authenticator authenticator=null;
61 
62         if (auth==null || Constraint.__BASIC_AUTH.equalsIgnoreCase(auth))
63             authenticator=new BasicAuthenticator();
64         else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth))
65             authenticator=new DigestAuthenticator();
66         else if (Constraint.__FORM_AUTH.equalsIgnoreCase(auth))
67             authenticator=new FormAuthenticator();
68         else if ( Constraint.__SPNEGO_AUTH.equalsIgnoreCase(auth) )
69             authenticator = new SpnegoAuthenticator();
70         else if ( Constraint.__NEGOTIATE_AUTH.equalsIgnoreCase(auth) ) // see Bug #377076
71             authenticator = new SpnegoAuthenticator(Constraint.__NEGOTIATE_AUTH);
72         if (Constraint.__CERT_AUTH.equalsIgnoreCase(auth)||Constraint.__CERT_AUTH2.equalsIgnoreCase(auth))
73             authenticator=new ClientCertAuthenticator();
74 
75         return authenticator;
76     }
77 
78     /* ------------------------------------------------------------ */
79     /**
80      * @return the loginService
81      */
getLoginService()82     public LoginService getLoginService()
83     {
84         return _loginService;
85     }
86 
87     /* ------------------------------------------------------------ */
88     /**
89      * @param loginService the loginService to set
90      */
setLoginService(LoginService loginService)91     public void setLoginService(LoginService loginService)
92     {
93         _loginService = loginService;
94     }
95 
96 }
97