HttpAuthenticationMechanism API
E836339
The HttpAuthenticationMechanism API is a Jakarta Security interface that standardizes how HTTP-based authentication is implemented and integrated into Jakarta EE web applications.
Statements (45)
| Predicate | Object |
|---|---|
| instanceOf |
HTTP authentication mechanism abstraction
ⓘ
Jakarta Security API interface ⓘ |
| annotationBasedConfiguration |
@AutoApplySession
ⓘ
@LoginToContinue ⓘ @RememberMe ⓘ |
| configurationStyle |
annotation-based configuration
ⓘ
programmatic registration ⓘ |
| defines | standard contract for HTTP-based authentication ⓘ |
| designedFor | portable authentication across Jakarta EE implementations ⓘ |
| enables |
application-level control over HTTP authentication
ⓘ
custom authentication mechanisms ⓘ integration with container security context ⓘ |
| handles | authentication of HTTP requests ⓘ |
| hasMethod |
cleanSubject
ⓘ
secureResponse ⓘ validateRequest ⓘ |
| integratesWith |
Jakarta Security identity store
ⓘ
Jakarta Servlet NERFINISHED ⓘ |
| lifecycle | invoked by container per HTTP request ⓘ |
| namespace | jakarta.security.enterprise.authentication.mechanism.http ⓘ |
| notScope |
authorization policy definition
ⓘ
transport-level security configuration ⓘ |
| partOf |
Jakarta EE
NERFINISHED
ⓘ
Jakarta Security NERFINISHED ⓘ |
| provides |
container-driven authentication lifecycle callbacks
ⓘ
pluggable authentication mechanism model ⓘ |
| purpose |
to integrate authentication with Jakarta EE containers
ⓘ
to standardize how HTTP-based authentication is implemented ⓘ |
| relatedTo |
IdentityStore API
NERFINISHED
ⓘ
SecurityContext API NERFINISHED ⓘ |
| replaces | container-specific HTTP authentication SPIs ⓘ |
| returns | AuthenticationStatus from validateRequest ⓘ |
| scope | HTTP-based authentication only ⓘ |
| standardizedBy | Jakarta EE specification NERFINISHED ⓘ |
| supports |
declarative security with programmatic hooks
ⓘ
servlet-based web applications ⓘ |
| typicalImplementation |
basic authentication mechanism
ⓘ
bearer token authentication mechanism ⓘ custom single sign-on mechanism ⓘ form-based login mechanism ⓘ |
| usedFor |
establishing caller identity
ⓘ
securing HTTP responses ⓘ triggering authentication challenges ⓘ validating incoming HTTP requests ⓘ |
| usedIn | Jakarta EE web applications NERFINISHED ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.