Package org.mockserver.authentication

Interface AuthenticationHandler

All Known Implementing Classes:

ChainedAuthenticationHandler, JWTAuthenticationHandler, MTLSAuthenticationHandler, OidcAuthenticationHandler

public interface AuthenticationHandler

Method Summary

Modifier and Type	Method	Description
default AuthenticationResult	authenticate(HttpRequest request)	Richer authentication that additionally surfaces the VERIFIED principal, the source of verification, and a redaction-safe subset of claims/scopes for audit.
boolean	controlPlaneRequestAuthenticated(HttpRequest request)	Legacy boolean SPI: returns true if the control-plane request is authenticated.

Method Details

controlPlaneRequestAuthenticated

boolean controlPlaneRequestAuthenticated(HttpRequest request)

Legacy boolean SPI: returns true if the control-plane request is authenticated. Implementations may throw AuthenticationException to signal a 401 with a specific reason. Existing and third-party handlers implement only this method.

authenticate

default AuthenticationResult authenticate(HttpRequest request)

Richer authentication that additionally surfaces the VERIFIED principal, the source of verification, and a redaction-safe subset of claims/scopes for audit.

Default-adapts the legacy controlPlaneRequestAuthenticated(org.mockserver.model.HttpRequest) so existing handlers need ZERO changes: a true outcome becomes an authenticated-but-anonymous result (principal null, source "none"), preserving byte-for-byte behaviour. May throw AuthenticationException (401) exactly as the boolean method does.