Package org.forgerock.caf.authentication.framework

Class AuthenticationFilter

java.lang.Object
org.forgerock.caf.authentication.framework.AuthenticationFilter
All Implemented Interfaces:
Filter
public final class AuthenticationFilter extends Object implements Filter

A HTTP Filter that will protect all downstream filters or handlers.

The filter instance is created by creating a builder instance, (builder()), and providing the modules and configuration, for the particular authentication framework instance, that will be used to authenticate incoming requests and outgoing responses.

The authentication framework can be configured with a single session authentication module, which will authenticate requests based on some session identifier, and an ordered list of authentication modules, that are executed in order on a first succeeds wins basis.

The authentication framework must be configured with a non-null AuditApi instance, so that it can audit authentication outcomes.

Since:
2.0.0

  • Method Details

    • filter

      public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next)
      Authenticates incoming request messages and if successful calls the downstream filter or handler and then secures the returned response.
      Specified by:
      filter in interface Filter
      Parameters:
      context - The request context.
      request - The request.
      next - The downstream filter or handler in the chain that should only be called if the request was successfully authenticated.
      Returns:
      A Promise representing the response to be returned to the client.

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • builder

      public static AuthenticationFilter.AuthenticationFilterBuilder builder()
      Returns a new AuthenticationFilterBuilder instance which is to be used to configure an instance of the Authentication Framework.
      Returns:
      An AuthenticationFilterBuilder instance.