Interface AuthenticationProvider

All Known Implementing Classes:
ContainerBasedAuthenticationProvider, HttpBasicAuthenticationProvider, OAuth2AuthenticationProvider

public interface AuthenticationProvider
A provider to handle the authentication of HttpServletRequests. May implement a specific authentication scheme.
Author:
Thorben Lindhauer
  • Method Details

    • extractAuthenticatedUser

      AuthenticationResult extractAuthenticatedUser(jakarta.servlet.http.HttpServletRequest request, ProcessEngine engine)
      Checks the request for authentication. May not return null, but always an AuthenticationResult that indicates, whether authentication was successful, and, if true, always provides the authenticated user. The result can only be successful if a valid user id was provided in the request. It is not required to provide the group or tenant id, as they will be resolved via the IdentityService (e.g. ProcessEngineAuthenticationFilter.setAuthenticatedUser(org.camunda.bpm.engine.ProcessEngine, java.lang.String, java.util.List<java.lang.String>, java.util.List<java.lang.String>)).
      Parameters:
      request - the request to authenticate
      engine - the process engine the request addresses. May be used to authenticate against the engine's identity service.
    • augmentResponseByAuthenticationChallenge

      void augmentResponseByAuthenticationChallenge(jakarta.servlet.http.HttpServletResponse response, ProcessEngine engine)

      Callback to add an authentication challenge to the response to the client. Called in case of unsuccessful authentication.

      For example, a Http Basic auth implementation may set the WWW-Authenticate header to Basic realm="engine name".

      Parameters:
      request - the response to augment
      engine - the process engine the request addressed. May be considered as an authentication realm to create a specific authentication challenge