All Classes and Interfaces

Class
Description
AbstractClearableCredential contains behavior common to Credential implementations that can be meaningfully cleared.
The Access Token is used by an application to access protected resources.
 
A generic authentication exception.
Parameters that are provided along with an authentication request.
The AuthenticationStatus is used as a return value by primarily the HttpAuthenticationMechanism to indicate the result (status) of the authentication process.
The AutoApplySession annotation provides an application the ability to declaratively designate that an authentication mechanism uses the jakarta.servlet.http.registerSession and auto applies this for every request.
Supports inline instantiation of the AutoApplySession annotation.
BasicAuthenticationCredential extends UsernamePasswordCredential to represent credentials used by HTTP Basic Authentication.
Annotation used to define a container authentication mechanism that implements the HTTP basic access authentication protocol as defined by the Servlet spec (13.6.1) and make that implementation available as an enabled CDI bean.
 
Supports inline instantiation of the BasicAuthenticationMechanismDefinition.BasicAuthenticationMechanism qualifier.
Enables multiple BasicAuthenticationMechanismDefinition annotations on the same type.
CallerOnlyCredential represents a credential that only contains a caller name and no secret of any kind.
Principal that represents the caller principal associated with the invocation being processed by the container (e.g.
 
ClaimsDefinition annotation defines claims mapping in openid connect client configuration.
Credential represents the credential the caller will use to authenticate.
CredentialValidationResult is the result from an attempt to validate an instance of Credential.
 
Annotation used to define a container authentication mechanism that implements authentication resembling Servlet FORM authentication (Servlet spec 13.6.3).
 
Enables multiple CustomFormAuthenticationMechanismDefinition annotations on the same type.
Annotation used to define a container-provided IdentityStore that stores caller credentials and identity attributes in a relational database, and make that implementation available as an enabled CDI bean.
Display specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User.
Annotation used to define a container authentication mechanism that implements FORM authentication as defined by the Servlet spec (13.6.3) and make that implementation available as an enabled CDI bean.
 
Supports inline instantiation of the FormAuthenticationMechanismDefinition.FormAuthenticationMechanism qualifier.
Enables multiple FormAuthenticationMechanismDefinition annotations on the same type.
HttpAuthenticationMechanism is a mechanism for obtaining a caller's credentials in some way, using the HTTP protocol where necessary.
HttpAuthenticationMechanismHandler is a mechanism for obtaining a caller's credentials in some way, using the HTTP protocol where necessary, by consulting a set of one or more HttpAuthenticationMechanisms.
This class is an implementation of the HttpAuthenticationMechanism interface that can be subclassed by developers wishing to provide extra or different functionality.
HttpMessageContext contains all of the per-request state information and encapsulates the client request, server response, container handler for authentication callbacks, and the subject representing the caller.
This class is an implementation of the HttpMessageContext interface that can be subclassed by developers wishing to provide extra or different functionality.
IdentityStore is a mechanism for validating a caller's credentials and accessing a caller's identity attributes.
Determines the type of validation (operations) that should be done by this store.
IdentityStoreHandler is a mechanism for validating a caller's credentials, and accessing a caller's identity attributes, by consulting a set of one or more IdentityStores.
An Identity token is a security token that is issued in an authentication flow process.
Annotation used to define a container provided IdentityStore that stores caller credentials and identity attributes (together caller identities) in an in-memory store, and make that implementation available as an enabled CDI bean.
Credentials define a single caller identity for use with the InMemoryIdentityStoreDefinition annotation.
Standard JWT claims.
Annotation used to define a container-provided IdentityStore that stores caller credentials and identity attributes (together caller identities) in an LDAP store, and make that implementation available as an enabled CDI bean.
Enum representing LDAP search scope values.
The LoginToContinue annotation provides an application the ability to declaratively add login to continue functionality to an authentication mechanism.
Supports inline instantiation of the LoginToContinue annotation.
LogoutDefinition annotation defines logout and RP session management configuration in openid connect client.
Annotation used to define a container authentication mechanism that implements the Authorization Code flow and Refresh tokens as defined by the OpenId Connect specification and make that implementation available as an enabled CDI bean.
Enables multiple OpenIdAuthenticationMechanismDefinition annotations on the same type.
 
Supports inline instantiation of the OpenIdAuthenticationMechanismDefinition.OpenIdAuthenticationMechanism qualifier.
User Claims received from the userinfo endpoint.
Contains constant specific to OpenId Connect specification http://openid.net/specs/openid-connect-core-1_0.html
An injectable interface that provides access to access token, identity token, claims and OpenId Connect provider related information.
OpenIdProviderMetadata annotation overrides the openid connect provider's endpoint value, discovered using providerUri.
Represents a text-based password, and includes a built-in mechanism for securely clearing the value.
PasswordHash is an interface for objects that can generate and verify password hashes.
This interface represents the built-in Pbkdf2PasswordHash implementation.
Prompt specifies whether the Authorization Server prompts the End-User for re-authentication and consent.
A refresh token provides continuous access to an authentication server while the user is not logged into an application by issuing a new access token.
The RememberMe annotation provides an application the ability to declaratively designate that an authentication mechanism effectively "remembers" the authentication and auto applies this with every request.
Supports inline instantiation of the RememberMe annotation.
RememberMeCredential represents a credential presented as a token, for the explicit usage with the Jakarta Security provided remember me function.
RememberMeIdentityStore is a mechanism for validating a caller's credentials and accessing a caller's identity attributes that's specifically tailored for the "remember me" feature.
 
The SecurityContext provides an access point for programmatic security; an injectable type that is intended to be used by application code to query and interact with Jakarta Security.
Represents the credentials typically used by standard caller name/password authentication.