HttpAuthenticationHandler (Bitbucket Server

```
public interface HttpAuthenticationHandler
```
Implementations may also implement HttpLogoutHandler, in which case they'll get a callback when the user logs out.
Implementations should be stateless and thread-safe, as a single instance will be used to service all authentication requests.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`AuthenticationResult`	`performAuthentication(HttpAuthenticationContext authenticationContext)` Invoked by the system when authentication is attempted over HTTP.
`void`	`validateAuthentication(HttpAuthenticationContext authenticationContext)` Invoked by the system on requests that have an authenticated user.

- Method Detail
  - validateAuthentication
```
void validateAuthentication(@Nonnull
                            HttpAuthenticationContext authenticationContext)
```
    Invoked by the system on requests that have an authenticated user. Implementations that need to check whether an external (SSO) session is still valid should implement that logic here.
    This method is called for every incoming request after the user initially authenticated. Implementors should make the implementation of this method as lightweight as possible.
    
    Parameters:
    
    authenticationContext - the authentication context that provides the authenticated user, request details, etc.
    
    Throws:
    
    AuthenticationException - if the current authentication is no longer valid and the user must re-authenticate.
  - performAuthentication
```
@Nullable
AuthenticationResult performAuthentication(@Nonnull
                                                     HttpAuthenticationContext authenticationContext)
```
    Invoked by the system when authentication is attempted over HTTP. Implementations must
    - return an AuthenticationResult if the user is authenticated successfully
    - return null if the handler does not know how to authenticate the user from the request (for instance when an expected SSO cookie is not present). By returning null, other handlers will be attempted.
    - throw an AuthenticationException if the provided authentication details are invalid (e.g. invalid username / password, cookie, etc.). In this case, no other handlers will be attempted.
    All registered handlers will be invoked in weight order until a handler returns a AuthenticationResult, or throws an AuthenticationException.
    Parameters:
    
    authenticationContext - the authentication context that provides username, password, request details, etc.
    
    Returns:
    
    an AuthenticationResult if the handler was able to authenticate a user based on the request, or null if the handler opted out
    
    Throws:
    
    AuthenticationException - if the handler is able to authenticate the request, but the credentials supplied were not valid or could not be validated
    
    Since:
    
    5.5

Interface HttpAuthenticationHandler

Method Summary

Method Detail

validateAuthentication

performAuthentication