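package water;

import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.security.authentication.FormAuthenticator;
import org.eclipse.jetty.server.Authentication;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import java.util.Objects;

/**
 * DelegatingAuthenticator dynamically switches between Form-based authentication
 * and Basic Access authentication.
 *
 * <p>The decision is made based on the client's "User-Agent" header. Browser clients
 * use Form-based authentication; all other clients use Basic auth.
 *
 * <p>Security note: "User-Agent" is supplied by the client and can be set to any value.
 * Here it only selects which delegate handles the request; the credential check itself
 * is left to that delegate. The header must therefore never be reused as an access
 * decision. Both delegates receive the same {@code AuthConfiguration} in
 * {@link #setConfiguration}.
 */
class DelegatingAuthenticator implements Authenticator {

  // Delegates are fixed at construction time and never reassigned.
  private final BasicAuthenticator _basicAuth;
  private final FormAuthenticator _formAuth;

  /**
   * Creates an authenticator that dispatches to one of the two given delegates.
   *
   * @param basicAuth delegate used for non-browser clients; must not be null
   * @param formAuth delegate used for browser clients; must not be null
   * @throws NullPointerException if either delegate is null
   */
  DelegatingAuthenticator(BasicAuthenticator basicAuth, FormAuthenticator formAuth) {
    // Fail at wiring time so a missing delegate cannot surface later as an
    // exception in the middle of request authentication.
    _basicAuth = Objects.requireNonNull(basicAuth, "basicAuth");
    _formAuth = Objects.requireNonNull(formAuth, "formAuth");
  }

  /**
   * Passes the same configuration to both delegates.
   *
   * @param configuration the configuration forwarded to the Basic and Form authenticators
   */
  @Override
  public void setConfiguration(AuthConfiguration configuration) {
    _basicAuth.setConfiguration(configuration);
    _formAuth.setConfiguration(configuration);
  }

  /**
   * Returns the name of this authentication method.
   *
   * @return the constant {@code "FORM_PREFERRED"}
   */
  @Override
  public String getAuthMethod() {
    return "FORM_PREFERRED";
  }

  /**
   * Validates the request with the Form authenticator for browser clients and with the
   * Basic authenticator for every other client.
   *
   * @param request the incoming request; cast to {@link HttpServletRequest}
   * @param response the response handed to the chosen delegate
   * @param mandatory passed through unchanged to the chosen delegate
   * @return whatever the chosen delegate returns
   * @throws ServerAuthException if the chosen delegate throws it
   */
  @Override
  public Authentication validateRequest(ServletRequest request, ServletResponse response,
                                        boolean mandatory) throws ServerAuthException {
    // Assumes the container only passes HTTP requests; anything else fails the cast
    // with a ClassCastException before a delegate is reached.
    final HttpServletRequest httpRequest = (HttpServletRequest) request;
    final Authenticator delegate = isBrowserAgent(httpRequest) ? _formAuth : _basicAuth;
    return delegate.validateRequest(request, response, mandatory);
  }

  /**
   * Tells whether the request's "User-Agent" header looks like a browser.
   *
   * <p>The header is client-controlled, so the result is a hint for choosing the
   * delegate and nothing more. A missing header counts as a non-browser client.
   *
   * @param request the request whose "User-Agent" header is inspected
   * @return true if the header starts with "Mozilla/" or "Opera/"
   */
  private static boolean isBrowserAgent(HttpServletRequest request) {
    final String userAgent = request.getHeader("User-Agent");
    if (userAgent == null) {
      return false;
    }
    // Covers all modern browsers (Firefox, Chrome, IE, Edge & Opera)
    return userAgent.startsWith("Mozilla/") || userAgent.startsWith("Opera/");
  }

  /**
   * Always reports the response as secured, without consulting either delegate.
   *
   * @return true in every case
   */
  @Override
  public boolean secureResponse(ServletRequest request, ServletResponse response,
                                boolean mandatory, Authentication.User validatedUser)
      throws ServerAuthException {
    return true; // both BASIC and FORM return true
  }
}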