Implementations of this class are used to parse credentials and
authenticate client requests. Implementations of this class are typically
instantiated within a servlet constructor and assigned to the servlet via
the setAuthenticator() method. Once an Authenticator is defined, several
security-related methods will be available via the HttpServletRequest
object (e.g. getCredentials(), getUserPrincipal(), authenticate(), etc).
There are no constructors. You can call the methods directly.
authenticate( ) returns void
Used to authenticate a client request. If the Authenticator fails to
authenticate the client, this method throws a ServletException.
getAuthType( ) returns String
Returns the authentication scheme used to authenticate clients (e.g.
"BASIC", "DIGEST", "CLIENT_CERT", etc).
getCredentials( ) returns String
Returns an array representing the client credentials associated with
this request. The first element in the array represents the username
and the second element represents the password. Client credentials may
be found in the "Authorization" request header, in a client certificate,
etc. Implementations of this class must communicate the authentication
scheme via the getAuthType() method. If the Authenticator fails to parse
the credentials, this method returns a null.
getPrinciple( ) returns java.security.Principal
Returns a java.security.Principal object containing the name of a given
user. If the user has not been authenticated, the method returns a null.
isUserInRole( String role ) returns boolean
Returns a boolean indicating whether a user is included in the specified
"role". Roles and role membership are often managed by instances of this
class using deployment descriptors. If the user is not authenticated, or
if no role is defined for the user, the method returns false.
newInstance( javaxt.http.servlet.HttpServletRequest request ) returns javaxt.http.servlet.Authenticator
Returns a new instance of an Authenticator used to authenticate requests.
This method is called with each new http request.