public enum AuthenticationStatus extends java.lang.Enum<AuthenticationStatus>
Used by HttpAuthenticationMechanism to indicate the result (status) of the authentication process.
For the result from HttpAuthenticationMechanism.validateRequest(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, jakarta.security.enterprise.authentication.mechanism.http.HttpMessageContext) an AuthenticationStatus must be transformed by the Jakarta EE server into the corresponding Jakarta Authentication AuthStatus according to the following rules:
- AuthenticationStatus.NOT_DONE to AuthStatus.SUCCESS
- AuthenticationStatus.SEND_CONTINUE to AuthStatus.SEND_CONTINUE
- AuthenticationStatus.SUCCESS to AuthStatus.SUCCESS
- AuthenticationStatus.SEND_FAILURE to AuthStatus.SEND_FAILURE
After the transformation as outlined above the transformed result has to be processed by the Jakarta EE server as specified by the Servlet Container Profile of the Jakarta Authentication spec.
Implementation note: while the Jakarta Authentication Servlet Container Profile is the authoritative source on how to process the AuthStatus.SUCCESS result and this specification puts no constraints of any kind on that, the expectation is that Jakarta EE servers in practice will mainly look at whether the result is AuthStatus.SUCCESS or not AuthStatus.SUCCESS. Simply said, if the result is AuthStatus.SUCCESS the authenticated identity (if any) must be set (established) for the current HTTP request,
The return value of SecurityContext.authenticate(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, jakarta.security.enterprise.authentication.mechanism.http.AuthenticationParameters), which is also of type AuthenticationStatus, strongly relates to the outcome of the HttpAuthenticationMechanism#validateRequest method as described above, but must be transformed by the Jakarta EE server from the corresponding outcome of the HttpServletRequest.authenticate(jakarta.servlet.http.HttpServletResponse) call as follows:
[last status] (see below)
When an HttpAuthenticationMechanism was used, [last status] must be the value returned by
When a Jakarta Authentication ServerAuthModule (SAM) was used and an HttpAuthenticationMechanism was not used, Jakarta EE servers are encouraged, but not required, to set [last status] to the value returned by ServerAuthModule#validateRequest transformed as follows:
- AuthStatus.SEND_CONTINUE to AuthenticationStatus.SEND_CONTINUE
- AuthStatus.SUCCESS to AuthenticationStatus.SUCCESS
- AuthStatus.SEND_FAILURE to AuthenticationStatus.SEND_FAILURE
- (all other outcomes) to AuthenticationStatus.NOT_DONE
When a Jakarta EE Server proprietary identity store equivalent was used and an HttpAuthenticationMechanism was not used, Jakarta EE servers are encouraged, but not required, to set [last status] to a value that logically corresponds to the description of each enum constant of AuthenticationStatus. This outcome should never be depended on by application code as being portable.
Application code calling SecurityContext#authenticate is expected to act on all possible values of AuthenticationStatus.
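A caller-side sketch of acting on every status, written for this page as an added example and not taken from the Jakarta Security project. The servlet name and URL pattern are hypothetical; access is granted only on SUCCESS and every other outcome fails closed.

```java
import java.io.IOException;
import jakarta.inject.Inject;
import jakarta.security.enterprise.AuthenticationStatus;
import jakarta.security.enterprise.SecurityContext;
import jakarta.security.enterprise.authentication.mechanism.http.AuthenticationParameters;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

@WebServlet("/account") // hypothetical URL pattern
public class AccountServlet extends HttpServlet { // hypothetical class name
    @Inject
    private SecurityContext securityContext;

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        AuthenticationStatus status = securityContext.authenticate(
                request, response, AuthenticationParameters.withParams());
        switch (status) {
            case SUCCESS:
                // The server has processed the outcome, so the caller principal is available.
                response.setContentType("text/plain");
                response.getWriter().println(
                        "Signed in as " + securityContext.getCallerPrincipal().getName());
                break;
            case SEND_CONTINUE:
                // Authentication is in progress (e.g. a redirect to a login page was issued):
                // application code must not write to the response.
                break;
            case SEND_FAILURE:
                // The mechanism may already have written a status; only add one if it has not.
                if (!response.isCommitted()) {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                }
                break;
            case NOT_DONE:
                // The mechanism declined to authenticate: no caller identity was established.
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                break;
            default:
                // Unknown status: fail closed instead of falling through to protected content.
                throw new ServletException("Unhandled AuthenticationStatus: " + status);
        }
    }
}
```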
Enum Constant Summary
Enum Constants
- NOT_DONE: The authentication mechanism was called, but decided not to authenticate.
- SEND_CONTINUE: The authentication mechanism was called and a multi-step authentication dialog with the caller has been started (for instance, the caller has been redirected to a login page).
- SEND_FAILURE: The authentication mechanism was called but the caller was not successfully authenticated and therefore the caller principal will not be made available.
- SUCCESS: The authentication mechanism was called and the caller was successfully authenticated.
Methods inherited from class java.lang.Enum
clone, compareTo, describeConstable, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf
Enum Constant Details
public static final AuthenticationStatus NOT_DONE
The authentication mechanism was called, but decided not to authenticate. This status would be typically returned in pre-emptive security; the authentication mechanism is called, but authentication is optional and would only take place when for instance a specific request header is present.
public static final AuthenticationStatus SEND_CONTINUE
The authentication mechanism was called and a multi-step authentication dialog with the caller has been started (for instance, the caller has been redirected to a login page). Simply said authentication is "in progress". Calling application code (if any) should not write to the response when this status is received.
public static final AuthenticationStatus SUCCESS
The authentication mechanism was called and the caller was successfully authenticated. After the Jakarta EE server has processed this outcome, the caller principal is available.
public static final AuthenticationStatus SEND_FAILURE
The authentication mechanism was called but the caller was not successfully authenticated and therefore the caller principal will not be made available.
Note that this status should be used to indicate a logical problem (such as a credential not matching or a caller ID that can not be found). Exceptions should be used for system level problems (such as a database connection timing out).
Method Details
public static AuthenticationStatus[] values()
Returns an array containing the constants of this enum type, in the order they are declared.
Returns:
- an array containing the constants of this enum type, in the order they are declared
public static AuthenticationStatus valueOf(java.lang.String name)
Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
Parameters:
- name - the name of the enum constant to be returned.
Returns:
- the enum constant with the specified name
Throws:
- java.lang.IllegalArgumentException - if this enum type has no constant with the specified name
- java.lang.NullPointerException - if the argument is null