Issue #5442 - add MultiAuthenticator to support multiple authentication options #12393
+927
−32
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…entication options Signed-off-by: Lachlan Roberts <[email protected]>
Signed-off-by: Lachlan Roberts <[email protected]>
Signed-off-by: Lachlan Roberts <[email protected]>
Signed-off-by: Lachlan Roberts <[email protected]>
gregw
requested changes
Oct 22, 2024
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Show resolved
Hide resolved
...tty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/AnyUserLoginService.java
Show resolved
Hide resolved
...ore/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultAuthenticatorFactory.java
Show resolved
Hide resolved
Signed-off-by: Lachlan Roberts <[email protected]>
gregw
requested changes
Oct 24, 2024
...ore/jetty-security/src/main/java/org/eclipse/jetty/security/DefaultAuthenticatorFactory.java
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Show resolved
Hide resolved
Signed-off-by: Lachlan Roberts <[email protected]>
gregw
approved these changes
Nov 4, 2024
sbordet
requested changes
Dec 12, 2024
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/AnyUserLoginService.java
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/AnyUserLoginService.java
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Outdated
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Show resolved
Hide resolved
| assertThat(response.getContentAsString(), containsString("<h1>Multi Login Page</h1>")); | ||
| assertThat(response.getContentAsString(), containsString("/login/openid")); | ||
| assertThat(response.getContentAsString(), containsString("/login/form")); | ||
| } |
There was a problem hiding this comment.
I would like to see:
- for this test, the access to a protected resource should be tried for both authentications.
- a new test for failed authentication, protected resources are not accessible
- a test where one authentication succeeds but the other fails -- can I still access the resource? Basically I would like to know if "multi" has "and" semantic (all authentications but must successful), or "or" semantic (one successful authentication is enough).
There was a problem hiding this comment.
The first two points are covered by the main test case.
a test where one authentication succeeds but the other fails -- can I still access the resource? Basically I would like to know if "multi" has "and" semantic (all authentications but must successful), or "or" semantic (one successful authentication is enough).
It doesn't work like this, once an authentication has succeeded you cannot attempt another authentication, because you are locked into that authenticator until you log out. So it has OR semantics.
So if I login with OPENID, then try to login as FORM, I will not be redirected to the form login page, and if I submit a form request to login it will go straight through the OpenIdAuthenticator and be delivered to the application.
Signed-off-by: Lachlan Roberts <[email protected]>
|
@lachlan-roberts let's wake this up and get it merged |
…5442-multipleAuthentication
…ibute Signed-off-by: Lachlan Roberts <[email protected]>
…5442-multipleAuthentication
|
@sbordet please review this one again so it can be merged |
sbordet
approved these changes
May 8, 2025
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Outdated
Show resolved
Hide resolved
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/MultiAuthenticator.java
Show resolved
Hide resolved
tests/test-integration/src/test/java/org/eclipse/jetty/test/MultiAuthenticatorTest.java
Show resolved
Hide resolved
Signed-off-by: Lachlan Roberts <[email protected]>
…5442-multipleAuthentication
Signed-off-by: Lachlan Roberts <[email protected]>
…5442-multipleAuthentication
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #5442
Introduces the
MultiAuthenticatorclass which can be used to support multiple authentication options simultaneously for the same webapp.For example you could have an app with the options to login with FORM, OpenID or Ethereum.