public interface CustomAuthenticator
A custom authenticator is an implementation of this interface. A custom authenticator is a suitable option when the user identity can be retrieved from an HTTP header or similar but the built-in functionality for retrieving such isn't sufficient - for example if the header contains a token that must be validated against some external service to establish the user identity.
An alternative to implementing this interface may be to implement a PostAuthenticationFilter
, if the user
identity can be established through some built-in authentication method and all that is needed is some additional
verification (to impose restrictions on the IP number of the client for example).
If the authentication is based on username/password but some additional information needs to be collected from the
user and verified it's better to combine a custom login page with a PostAuthenticationFilter
and
possibly a custom JAAS Login Module
Implementations of this interface must be thread-safe and reentrant.
PostAuthenticationFilter
,
NamePasswordLoginModule
Modifier and Type | Method and Description |
---|---|
CustomAuthenticatorPrincipal |
authenticate(AuthenticationContext authContext)
Performs authentication based on the provided
AuthenticationContext . |
default void |
init(java.util.Map parameters)
Initializes this
CustomAuthenticator . |
default void init(java.util.Map parameters) throws CustomAuthenticatorException
CustomAuthenticator
.
The default implementation does nothing.
parameters
- a possibly empty map of initialization parametersCustomAuthenticatorException
- if the initialization failedCustomAuthenticatorPrincipal authenticate(AuthenticationContext authContext) throws CustomAuthenticatorException
AuthenticationContext
.
null
, the Spotfire Server may attempt to perform authentication using another
authentication method.authContext
- the context in which the authentication takes place, containing information mainly from the
HttpServletRequest
null
if no (valid) credentials were included and authentication may
be attempted using another authentication methodCustomAuthenticatorException
- if the authentication failed and authentication may not be attempted using
another authentication methodCopyright © 2000-2020 TIBCO Software Inc. All Rights Reserved.