Package com.spotfire.server.security

Interface CustomAuthenticator

public interface CustomAuthenticator
Service-provider interface for (passive) custom authentication.

A custom authenticator is an implementation of this interface. A custom authenticator is a suitable option when the user identity can be retrieved from an HTTP header or similar but the built-in functionality for retrieving such isn't sufficient - for example if the header contains a token that must be validated against some external service to establish the user identity.

An alternative to implementing this interface may be to implement a PostAuthenticationFilter, if the user identity can be established through some built-in authentication method and all that is needed is some additional verification (to impose restrictions on the IP number of the client for example).

If the authentication is based on username/password but some additional information needs to be collected from the user and verified it's better to combine a custom login page with a PostAuthenticationFilter and possibly a custom JAAS Login Module

Implementations of this interface must be thread-safe and reentrant.

Since:
7.6
See Also:

  • Method Details

    • init

      default void init(CustomAuthenticatorInitContext initContext) throws CustomAuthenticatorException
      Initializes this CustomAuthenticator.

      The default implementation calls the deprecated init(Map) method.

      Parameters:
      initContext - an initialization context containing parameters and other information that may be used by the implementing class
      Throws:
      CustomAuthenticatorException - if the initialization failed
      Since:
      10.1

    • init

      @Deprecated default void init(Map<String,String> parameters) throws CustomAuthenticatorException
      Deprecated.
      This method is deprecated and will be removed in a future release. Please implement the init(CustomAuthenticatorInitContext) method instead.
      Initializes this CustomAuthenticator.

      The default implementation does nothing.

      Parameters:
      parameters - a possibly empty map of initialization parameters
      Throws:
      CustomAuthenticatorException - if the initialization failed
      Since:
      7.6

    • authenticate

      CustomAuthenticatorPrincipal authenticate(AuthenticationContext authContext) throws CustomAuthenticatorException
      Performs authentication based on the provided AuthenticationContext.
      • If the method returns a principal, the Spotfire Server will use this identity without performing any further authentication.
      • If the method returns null, the Spotfire Server may attempt to perform authentication using another authentication method.
      • If the method throws an exception, the Spotfire server will not attempt to perform authentication using any other authentication method and an error will be returned to the client.
      Parameters:
      authContext - the context in which the authentication takes place, containing information mainly from the HttpServletRequest
      Returns:
      the authenticated principal or null if no (valid) credentials were included and authentication may be attempted using another authentication method
      Throws:
      CustomAuthenticatorException - if the authentication failed and authentication may not be attempted using another authentication method
      Since:
      7.6