Java Code Examples for io.undertow.security.api.SecurityContext#registerNotificationReceiver()
The following examples show how to use
io.undertow.security.api.SecurityContext#registerNotificationReceiver() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: CachedAuthenticatedSessionHandler.java From quarkus-http with Apache License 2.0 | 6 votes |
|
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
SecurityContext securityContext = exchange.getSecurityContext();
securityContext.registerNotificationReceiver(NOTIFICATION_RECEIVER);
SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
if (sessionManager == null || sessionConfig == null) {
next.handleRequest(exchange);
return;
}
Session session = sessionManager.getSession(exchange, sessionConfig);
// If there was no existing HttpSession then there could not be a cached AuthenticatedSession so don't bother setting
// the AuthenticatedSessionManager.
if (session != null) {
exchange.putAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY, SESSION_MANAGER);
}
next.handleRequest(exchange);
}
Example 2
| Source File: CachedAuthenticatedSessionHandler.java From lams with GNU General Public License v2.0 | 6 votes |
|
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
SecurityContext securityContext = exchange.getSecurityContext();
securityContext.registerNotificationReceiver(NOTIFICATION_RECEIVER);
SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
if (sessionManager == null || sessionConfig == null) {
next.handleRequest(exchange);
return;
}
Session session = sessionManager.getSession(exchange, sessionConfig);
// If there was no existing HttpSession then there could not be a cached AuthenticatedSession so don't bother setting
// the AuthenticatedSessionManager.
if (session != null) {
exchange.putAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY, SESSION_MANAGER);
}
next.handleRequest(exchange);
}
Example 3
| Source File: AbstractUndertowKeycloakAuthMech.java From keycloak with Apache License 2.0 | 6 votes |
|
protected void registerNotifications(final SecurityContext securityContext) {
final NotificationReceiver logoutReceiver = new NotificationReceiver() {
@Override
public void handleNotification(SecurityNotification notification) {
if (notification.getEventType() != SecurityNotification.EventType.LOGGED_OUT) return;
HttpServerExchange exchange = notification.getExchange();
UndertowHttpFacade facade = createFacade(exchange);
KeycloakDeployment deployment = deploymentContext.resolveDeployment(facade);
KeycloakSecurityContext ksc = exchange.getAttachment(OIDCUndertowHttpFacade.KEYCLOAK_SECURITY_CONTEXT_KEY);
if (!deployment.isBearerOnly() && ksc != null && ksc instanceof RefreshableKeycloakSecurityContext) {
((RefreshableKeycloakSecurityContext) ksc).logout(deployment);
}
AdapterTokenStore tokenStore = getTokenStore(exchange, facade, deployment, securityContext);
tokenStore.logout();
}
};
securityContext.registerNotificationReceiver(logoutReceiver);
}
Example 4
| Source File: AbstractSamlAuthMech.java From keycloak with Apache License 2.0 | 6 votes |
|
protected void registerNotifications(final SecurityContext securityContext) {
final NotificationReceiver logoutReceiver = new NotificationReceiver() {
@Override
public void handleNotification(SecurityNotification notification) {
if (notification.getEventType() != SecurityNotification.EventType.LOGGED_OUT)
return;
HttpServerExchange exchange = notification.getExchange();
UndertowHttpFacade facade = createFacade(exchange);
SamlDeployment deployment = deploymentContext.resolveDeployment(facade);
SamlSessionStore sessionStore = getTokenStore(exchange, facade, deployment, securityContext);
sessionStore.logoutAccount();
}
};
securityContext.registerNotificationReceiver(logoutReceiver);
}
Example 5
| Source File: CachedAuthenticatedSessionHandler.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
SecurityContext securityContext = exchange.getSecurityContext();
securityContext.registerNotificationReceiver(NOTIFICATION_RECEIVER);
HttpSession session = servletContext.getSession(exchange, false);
// If there was no existing HttpSession then there could not be a cached AuthenticatedSession so don't bother setting
// the AuthenticatedSessionManager.
if (session != null) {
exchange.putAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY, SESSION_MANAGER);
SavedRequest.tryRestoreRequest(exchange, session); //not sure if this is where it belongs
}
next.handleRequest(exchange);
}
Example 6
| Source File: NotificationReceiverHandler.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
SecurityContext sc = exchange.getSecurityContext();
for (int i = 0; i < receivers.length; ++i) {
sc.registerNotificationReceiver(receivers[i]);
}
next.handleRequest(exchange);
}
Example 7
| Source File: SingleSignOnAuthenticationMechanism.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
Cookie cookie = exchange.getRequestCookies().get(cookieName);
if (cookie != null) {
final String ssoId = cookie.getValue();
log.tracef("Found SSO cookie %s", ssoId);
try (SingleSignOn sso = this.singleSignOnManager.findSingleSignOn(ssoId)) {
if (sso != null) {
if (log.isTraceEnabled()) {
log.tracef("SSO session with ID: %s found.", ssoId);
}
Account verified = getIdentityManager(securityContext).verify(sso.getAccount());
if (verified == null) {
if (log.isTraceEnabled()) {
log.tracef("Account not found. Returning 'not attempted' here.");
}
//we return not attempted here to allow other mechanisms to proceed as normal
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
final Session session = getSession(exchange);
registerSessionIfRequired(sso, session);
securityContext.authenticationComplete(verified, sso.getMechanismName(), false);
securityContext.registerNotificationReceiver(new NotificationReceiver() {
@Override
public void handleNotification(SecurityNotification notification) {
if (notification.getEventType() == SecurityNotification.EventType.LOGGED_OUT) {
singleSignOnManager.removeSingleSignOn(sso);
}
}
});
log.tracef("Authenticated account %s using SSO", verified.getPrincipal().getName());
return AuthenticationMechanismOutcome.AUTHENTICATED;
}
}
clearSsoCookie(exchange);
}
exchange.addResponseCommitListener(responseListener);
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
Example 8
| Source File: NotificationReceiverHandler.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
SecurityContext sc = exchange.getSecurityContext();
for (int i = 0; i < receivers.length; ++i) {
sc.registerNotificationReceiver(receivers[i]);
}
next.handleRequest(exchange);
}
Example 9
| Source File: SingleSignOnAuthenticationMechanism.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
Cookie cookie = exchange.getRequestCookies().get(cookieName);
if (cookie != null) {
final String ssoId = cookie.getValue();
log.tracef("Found SSO cookie %s", ssoId);
try (SingleSignOn sso = this.singleSignOnManager.findSingleSignOn(ssoId)) {
if (sso != null) {
if(log.isTraceEnabled()) {
log.tracef("SSO session with ID: %s found.", ssoId);
}
Account verified = getIdentityManager(securityContext).verify(sso.getAccount());
if (verified == null) {
if(log.isTraceEnabled()) {
log.tracef("Account not found. Returning 'not attempted' here.");
}
//we return not attempted here to allow other mechanisms to proceed as normal
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
final Session session = getSession(exchange);
registerSessionIfRequired(sso, session);
securityContext.authenticationComplete(verified, sso.getMechanismName(), false);
securityContext.registerNotificationReceiver(new NotificationReceiver() {
@Override
public void handleNotification(SecurityNotification notification) {
if (notification.getEventType() == SecurityNotification.EventType.LOGGED_OUT) {
singleSignOnManager.removeSingleSignOn(sso);
}
}
});
log.tracef("Authenticated account %s using SSO", verified.getPrincipal().getName());
return AuthenticationMechanismOutcome.AUTHENTICATED;
}
}
clearSsoCookie(exchange);
}
exchange.addResponseWrapper(responseListener);
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
Example 10
| Source File: CachedAuthenticatedSessionHandler.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
SecurityContext securityContext = exchange.getSecurityContext();
securityContext.registerNotificationReceiver(NOTIFICATION_RECEIVER);
HttpSession session = servletContext.getSession(exchange, false);
// If there was no existing HttpSession then there could not be a cached AuthenticatedSession so don't bother setting
// the AuthenticatedSessionManager.
if (session != null) {
exchange.putAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY, SESSION_MANAGER);
SavedRequest.tryRestoreRequest(exchange, session); //not sure if this is where it belongs
}
next.handleRequest(exchange);
}
