Package org.aktin.broker.util
Class AuthFilterSSLHeaders
java.lang.Object
org.aktin.broker.util.AuthFilterSSLHeaders
- All Implemented Interfaces:
HeaderAuthentication
public class AuthFilterSSLHeaders extends Object implements HeaderAuthentication
Authentication filter for RESTful interfaces.
After authentication, security is handled by the SecurityContext
interface. Since the security context has no isAdmin method,
a special role "admin" is used for that purpose.
@Authenticated @Provider @Priority(Priorities.AUTHENTICATION)
- Author:
- R.W.Majeed
Field Summary
Fields (Modifier and Type, Field, Description):
- static String X_SSL_CLIENT_DN
- static String X_SSL_CLIENT_ID: Client ID to uniquely identify the client.
- static String X_SSL_CLIENT_VERIFY
Constructor Summary
Constructors (Constructor, Description):
- AuthFilterSSLHeaders()
Method Summary
Methods (Modifier and Type, Method, Description):
- AuthInfo authenticateByHeaders(Function<String,String> getHeader)
- Set<AuthRole> loadRolesFromClientDN(String clientDN): Override this method to derive the user roles from client DN.
Field Details
X_SSL_CLIENT_ID
Client ID to uniquely identify the client. You can use the certificate serial number or the fingerprint value.
- See Also:
- Constant Field Values
X_SSL_CLIENT_DN
- See Also:
- Constant Field Values
X_SSL_CLIENT_VERIFY
- See Also:
- Constant Field Values
Constructor Details
AuthFilterSSLHeaders
public AuthFilterSSLHeaders()
Method Details
loadRolesFromClientDN
Override this method to derive the user roles from client DN. The default implementation checks whether the DN contains the string OU=admin to differentiate between admin and node roles.
- Parameters:
clientDN - client DN
- Returns:
- set of roles
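The substring test described above matches the text OU=admin anywhere in the DN, so an override may prefer an exact match on the OU attribute. The following is an added example, not code from the AKTIN broker: the class ClientDnRoleCheck and its methods are hypothetical, the sample DNs are constructed, and it assumes the proxy forwards the DN in RFC 2253 form.

```java
import javax.naming.InvalidNameException;
import javax.naming.directory.Attribute;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

// Hypothetical helper, not part of org.aktin.broker.util.
public class ClientDnRoleCheck {

    /** Substring test as the documentation describes it (rewritten here, not the project's code). */
    static boolean containsAdminText(String clientDN) {
        return clientDN != null && clientDN.contains("OU=admin");
    }

    /** Exact match: true only if some RDN carries an OU attribute whose value is exactly "admin". */
    static boolean hasAdminOu(String clientDN) {
        if (clientDN == null) {
            return false;
        }
        try {
            // Assumption: the DN is in RFC 2253 form, which LdapName parses.
            for (Rdn rdn : new LdapName(clientDN).getRdns()) {
                // toAttributes() also covers multi-valued RDNs such as OU=admin+CN=x.
                Attribute ou = rdn.toAttributes().get("OU");
                if (ou != null && ou.contains("admin")) {
                    return true;
                }
            }
        } catch (InvalidNameException e) {
            // Unparseable DN: fail closed and report no admin OU.
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed sample DNs, not taken from a real deployment.
        String[] samples = {
            "CN=Broker Admin,OU=admin,O=Example,C=DE",
            "CN=Node 1,OU=administration,O=Example,C=DE",
            "CN=Node 2,OU=node,O=Example,C=DE",
        };
        for (String dn : samples) {
            System.out.printf("%-45s substring=%-5b exactOU=%b%n",
                    dn, containsAdminText(dn), hasAdminOu(dn));
        }
    }
}
```

An override of loadRolesFromClientDN could call hasAdminOu and map the result to the role set it returns.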
authenticateByHeaders
- Specified by:
authenticateByHeaders in interface HeaderAuthentication
- Throws:
IOException