public interface Authenticator extends ServletFilterHolder
Modifier and Type | Method and Description |
---|---|
AuthenticationResult |
authenticateJDBCContext(Map<String,Object> context)
Given a JDBC connection context, authenticate the identity represented by the information in the context.
|
String |
getAuthChallengeHeader()
Return a WWW-Authenticate challenge scheme string appropriate for this Authenticator's authentication mechanism.
|
javax.servlet.Filter |
getFilter()
Create a Filter that performs authentication checks on incoming HTTP requests.
|
getDispatcherType, getFilterClass, getInitParameters, getPath
javax.servlet.Filter getFilter()
If the authentication succeeds, the Filter should set the "Druid-Authentication-Result" attribute in the request,
containing an AuthenticationResult that represents the authenticated identity of the requester, along with
the name of the Authorizer instance that should authorize the request. An Authenticator may choose to
add a Map
If the "Druid-Authentication-Result" attribute is already set (i.e., request has been authenticated by an
earlier Filter), this Filter should skip any authentication checks and proceed to the next Filter.
If a filter cannot recognize a request's format (e.g., the request does not have credentials compatible
with a filter's authentication scheme), the filter should not send an error response, allowing other
filters to handle the request. A challenge response will be sent if the filter chain is exhausted.
If the authentication fails (i.e., a filter recognized the authentication scheme of a request, but the credentials
failed to authenticate successfully) the Filter should send an error response, without needing to proceed to
other filters in the chain..
getFilter
in interface ServletFilterHolder
@Nullable String getAuthChallengeHeader()
For example, a Basic HTTP implementation should return "Basic", while a Kerberos implementation would return "Negotiate". If this method returns null, no authentication scheme will be added for that Authenticator implementation.
@Nullable AuthenticationResult authenticateJDBCContext(Map<String,Object> context)
For example, a Basic HTTP auth implementation could read the "user" and "password" fields from the JDBC context.
The expected contents of the context are left to the implementation.
context
- JDBC connection contextCopyright © 2011–2018. All rights reserved.