Package jenkins.security
Class BasicHeaderAuthenticator
java.lang.Object
jenkins.security.BasicHeaderAuthenticator
- All Implemented Interfaces:
ExtensionPoint
- Direct Known Subclasses:
BasicHeaderApiTokenAuthenticator,BasicHeaderRealPasswordAuthenticator
When Jenkins receives HTTP basic authentication, this hook will validate the username/password
pair.
- Since:
- 1.576
- Author:
- Kohsuke Kawaguchi
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionall()authenticate(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse rsp, String username, String password) Deprecated.org.springframework.security.core.Authenticationauthenticate2(jakarta.servlet.http.HttpServletRequest req, jakarta.servlet.http.HttpServletResponse rsp, String username, String password) Given the parsed username and password field from the basic authentication header, determine the effective security credential to process the request with.org.springframework.security.core.Authenticationauthenticate2(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse rsp, String username, String password)
-
Constructor Details
-
BasicHeaderAuthenticator
public BasicHeaderAuthenticator()
-
-
Method Details
-
authenticate2
@CheckForNull public org.springframework.security.core.Authentication authenticate2(jakarta.servlet.http.HttpServletRequest req, jakarta.servlet.http.HttpServletResponse rsp, String username, String password) throws IOException, jakarta.servlet.ServletException Given the parsed username and password field from the basic authentication header, determine the effective security credential to process the request with.The method must return null if the password or username didn't match what's expected. When null is returned, other authenticators will get a chance to process the request. This is necessary because Jenkins accepts both real password as well as API tokens for the password.
In contrast, when an exception is thrown the request processing will fail immediately without providing a chance for other authenticators to process the request.
When no processor can validate the username/password pair, caller will make the request processing fail.
- Throws:
IOExceptionjakarta.servlet.ServletException- Since:
- 2.475
-
authenticate2
@CheckForNull @Deprecated public org.springframework.security.core.Authentication authenticate2(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse rsp, String username, String password) throws IOException, javax.servlet.ServletException - Throws:
IOExceptionjavax.servlet.ServletException- Since:
- 2.266
-
authenticate
@Deprecated @CheckForNull public Authentication authenticate(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse rsp, String username, String password) throws IOException, javax.servlet.ServletException Deprecated.- Throws:
IOExceptionjavax.servlet.ServletException
-
all
-
authenticate2(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)