public enum AuthenticationStatus extends Enum<AuthenticationStatus>
HttpAuthenticationMechanismto indicate the result (status) of the authentication process.
For the result from
HttpAuthenticationMechanism.validateRequest(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, jakarta.security.enterprise.authentication.mechanism.http.HttpMessageContext)
an AuthenticationStatus must be transformed by the Jakarta EE server into the corresponding Jakarta Authentication
according to the following rules:
After the transformation as outlined above the transformed result has to be processed by the Jakarta EE server as specified by the Servlet Container Profile of the Jakarta Authentication spec.
Implementation note: while the Jakarta Authentication Servlet Container Profile is the authoritative
source on how to process the
AuthStatus.SUCCESS result and this specification puts no constraints
of any kind on that, the expectation is that Jakarta EE servers in practice will mainly look at the
AuthStatus.SUCCESS or not
AuthStatus.SUCCESS. Simply said, if the result is
AuthStatus.SUCCESS the authenticated identity (if any) must be set (established) for the current HTTP request,
The return value of
SecurityContext.authenticate(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, jakarta.security.enterprise.authentication.mechanism.http.AuthenticationParameters)
, which is also of type AuthenticationStatus, strongly relates to the outcome of the
method as described above, but must be transformed by the Jakarta EE server from the corresponding outcome of the
HttpServletRequest.authenticate(jakarta.servlet.http.HttpServletResponse) call as follows:
[last status](see below)
HttpAuthenticationMechanism was used
[last status] must be
the value returned by
When a Jakarta Authentication ServerAuthModule (SAM) was used and an
was not used Jakarta EE servers are encouraged, but not required, to set
to the value returned by
ServerAuthModule#validateRequest transformed as follows:
When a Jakarta EE Server proprietary identity store equivalent was used and an
HttpAuthenticationMechanism was not used
Jakarta EE servers are encouraged, but not required, to set
[last status] to a value
that logically corresponds to the description of each enum constant of AuthenticationStatus. This outcome
should never be depended on by application code as being portable.
Application code calling
SecurityContext#authenticate is expected to act on all possible
values of AuthenticationStatus.
|Enum Constant and Description|
The authentication mechanism was called, but decided not to authenticate.
The authentication mechanism was called and a multi-step authentication dialog with the caller has been started (for instance, the caller has been redirected to a login page).
The authentication mechanism was called but the caller was not successfully authenticated and therefore the caller principal will not be made available.
The authentication mechanism was called and the caller was successfully authenticated.
|Modifier and Type||Method and Description|
Returns the enum constant of this type with the specified name.
Returns an array containing the constants of this enum type, in the order they are declared.
clone, compareTo, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf
public static final AuthenticationStatus NOT_DONE
public static final AuthenticationStatus SEND_CONTINUE
public static final AuthenticationStatus SUCCESS
public static final AuthenticationStatus SEND_FAILURE
Note that this status should be used to indicate a logical problem (such as a credential not matching or a caller ID that can not be found). Exceptions should be used for system level problems (such as a database connection timing out).
public static AuthenticationStatus values()
for (AuthenticationStatus c : AuthenticationStatus.values()) System.out.println(c);
public static AuthenticationStatus valueOf(String name)
Copyright © 2018,2020 Eclipse Foundation.
Use is subject to license terms.