org.mortbay.http
Class ClientCertAuthenticator

java.lang.Object
  |
  +--org.mortbay.http.ClientCertAuthenticator
All Implemented Interfaces:
SecurityConstraint.Authenticator, java.io.Serializable

public class ClientCertAuthenticator
extends java.lang.Object
implements SecurityConstraint.Authenticator

Client Certificate Authenticator. This Authenticator uses a client certificate to authenticate the user. Each client certificate supplied is tried against the realm using the Principal name as the username and a string representation of the certificate as the credential.

Version:
$Id: ClientCertAuthenticator.java,v 1.8 2003/01/19 21:40:56 gregwilkins Exp $
Author:
Greg Wilkins (gregw)
See Also:
Serialized Form

Constructor Summary
ClientCertAuthenticator()
           
 
Method Summary
 UserPrincipal authenticated(UserRealm realm, java.lang.String pathInContext, HttpRequest request, HttpResponse response)
          Authenticate.
 java.lang.String getAuthMethod()
           
 int getMaxHandShakeSeconds()
           
 void setMaxHandShakeSeconds(int maxHandShakeSeconds)
           
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ClientCertAuthenticator

public ClientCertAuthenticator()
Method Detail

getMaxHandShakeSeconds

public int getMaxHandShakeSeconds()

setMaxHandShakeSeconds

public void setMaxHandShakeSeconds(int maxHandShakeSeconds)
Parameters:
maxHandShakeSeconds - Maximum time to wait for SSL handshake if Client certification is required.

authenticated

public UserPrincipal authenticated(UserRealm realm,
                                   java.lang.String pathInContext,
                                   HttpRequest request,
                                   HttpResponse response)
                            throws java.io.IOException
Description copied from interface: SecurityConstraint.Authenticator
Authenticate.

Specified by:
authenticated in interface SecurityConstraint.Authenticator
Returns:
UserPrinciple if authenticated or null if not. If Authentication fails, then the authenticator may have committed the response as an auth challenge or redirect.
Throws:
java.io.IOException

getAuthMethod

public java.lang.String getAuthMethod()
Specified by:
getAuthMethod in interface SecurityConstraint.Authenticator


Copyright ? 2000 Mortbay Consulting Pty. Ltd. All Rights Reserved.