io.undertow.security.api.AuthenticationMechanism Java Examples
The following examples show how to use
io.undertow.security.api.AuthenticationMechanism.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: BasicAuthenticationMechanism.java From lams with GNU General Public License v2.0 | 6 votes |
|
@Override
public AuthenticationMechanism create(String mechanismName,IdentityManager identityManager, FormParserFactory formParserFactory, Map<String, String> properties) {
String realm = properties.get(REALM);
String silent = properties.get(SILENT);
String charsetString = properties.get(CHARSET);
Charset charset = charsetString == null ? StandardCharsets.UTF_8 : Charset.forName(charsetString);
Map<Pattern, Charset> userAgentCharsets = new HashMap<>();
String userAgentString = properties.get(USER_AGENT_CHARSETS);
if(userAgentString != null) {
String[] parts = userAgentString.split(",");
if(parts.length % 2 != 0) {
throw UndertowMessages.MESSAGES.userAgentCharsetMustHaveEvenNumberOfItems(userAgentString);
}
for(int i = 0; i < parts.length; i += 2) {
Pattern pattern = Pattern.compile(parts[i]);
Charset c = Charset.forName(parts[i + 1]);
userAgentCharsets.put(pattern, c);
}
}
return new BasicAuthenticationMechanism(realm, mechanismName, silent != null && silent.equals("true"), identityManager, charset, userAgentCharsets);
}
Example #2
| Source File: BasicAuthenticationMechanism.java From quarkus-http with Apache License 2.0 | 6 votes |
|
@Override
public AuthenticationMechanism create(String mechanismName, IdentityManager identityManager, FormParserFactory formParserFactory, Map<String, String> properties) {
String realm = properties.get(REALM);
String silent = properties.get(SILENT);
String charsetString = properties.get(CHARSET);
Charset charset = charsetString == null ? StandardCharsets.UTF_8 : Charset.forName(charsetString);
Map<Pattern, Charset> userAgentCharsets = new HashMap<>();
String userAgentString = properties.get(USER_AGENT_CHARSETS);
if(userAgentString != null) {
String[] parts = userAgentString.split(",");
if(parts.length % 2 != 0) {
throw UndertowMessages.MESSAGES.userAgentCharsetMustHaveEvenNumberOfItems(userAgentString);
}
for(int i = 0; i < parts.length; i += 2) {
Pattern pattern = Pattern.compile(parts[i]);
Charset c = Charset.forName(parts[i + 1]);
userAgentCharsets.put(pattern, c);
}
}
return new BasicAuthenticationMechanism(realm, mechanismName, silent != null && silent.equals("true"), identityManager, charset, userAgentCharsets);
}
Example #3
| Source File: LightBasicAuthenticationMechanism.java From light-oauth2 with Apache License 2.0 | 6 votes |
|
@Override
public AuthenticationMechanism create(String mechanismName, FormParserFactory formParserFactory, Map<String, String> properties) {
String realm = properties.get(REALM);
String silent = properties.get(SILENT);
String charsetString = properties.get(CHARSET);
Charset charset = charsetString == null ? StandardCharsets.UTF_8 : Charset.forName(charsetString);
Map<Pattern, Charset> userAgentCharsets = new HashMap<>();
String userAgentString = properties.get(USER_AGENT_CHARSETS);
if(userAgentString != null) {
String[] parts = userAgentString.split(",");
if(parts.length % 2 != 0) {
throw UndertowMessages.MESSAGES.userAgentCharsetMustHaveEvenNumberOfItems(userAgentString);
}
for(int i = 0; i < parts.length; i += 2) {
Pattern pattern = Pattern.compile(parts[i]);
Charset c = Charset.forName(parts[i + 1]);
userAgentCharsets.put(pattern, c);
}
}
return new com.networknt.oauth.security.LightBasicAuthenticationMechanism(realm, mechanismName, silent != null && silent.equals("true"), identityManager, charset, userAgentCharsets);
}
Example #4
| Source File: SecurityContextImpl.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
@Deprecated
public List<AuthenticationMechanism> getAuthenticationMechanisms() {
List<AuthenticationMechanism> ret = new LinkedList<>();
Node<AuthenticationMechanism> cur = authMechanisms;
while (cur != null) {
ret.add(cur.item);
cur = cur.next;
}
return Collections.unmodifiableList(ret);
}
Example #5
| Source File: SecurityContextImpl.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
@Deprecated
public List<AuthenticationMechanism> getAuthenticationMechanisms() {
List<AuthenticationMechanism> ret = new LinkedList<>();
Node<AuthenticationMechanism> cur = authMechanisms;
while (cur != null) {
ret.add(cur.item);
cur = cur.next;
}
return Collections.unmodifiableList(ret);
}
Example #6
| Source File: SecurityContextImpl.java From lams with GNU General Public License v2.0 | 5 votes |
|
private AuthenticationState transition() {
if (currentMethod != null) {
final AuthenticationMechanism mechanism = currentMethod.item;
currentMethod = currentMethod.next;
AuthenticationMechanismOutcome outcome = mechanism.authenticate(exchange, SecurityContextImpl.this);
if(UndertowLogger.SECURITY_LOGGER.isDebugEnabled()) {
UndertowLogger.SECURITY_LOGGER.debugf("Authentication outcome was %s with method %s for %s", outcome, mechanism, exchange.getRequestURI());
if(UndertowLogger.SECURITY_LOGGER.isTraceEnabled()) {
UndertowLogger.SECURITY_LOGGER.tracef("Contents of exchange after authentication attempt is %s", exchange);
}
}
if (outcome == null) {
throw UndertowMessages.MESSAGES.authMechanismOutcomeNull();
}
switch (outcome) {
case AUTHENTICATED:
// TODO - Should verify that the mechanism did register an authenticated Account.
return AuthenticationState.AUTHENTICATED;
case NOT_AUTHENTICATED:
// A mechanism attempted to authenticate but could not complete, this now means that
// authentication is required and challenges need to be sent.
setAuthenticationRequired();
return AuthenticationState.ATTEMPTED;
case NOT_ATTEMPTED:
// Time to try the next mechanism.
return transition();
default:
throw new IllegalStateException();
}
} else {
// Reached the end of the mechanisms and no mechanism authenticated for us to reach this point.
return AuthenticationState.ATTEMPTED;
}
}
Example #7
| Source File: SecurityContextImpl.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public void addAuthenticationMechanism(final AuthenticationMechanism handler) {
// TODO - Do we want to change this so we can ensure the mechanisms are not modifiable mid request?
if(authMechanisms == null) {
authMechanisms = new Node<>(handler);
} else {
Node<AuthenticationMechanism> cur = authMechanisms;
while (cur.next != null) {
cur = cur.next;
}
cur.next = new Node<>(handler);
}
}
Example #8
| Source File: SecurityContextImpl.java From lams with GNU General Public License v2.0 | 5 votes |
|
private AuthenticationState transition() {
if (currentMethod != null) {
final AuthenticationMechanism mechanism = currentMethod.item;
currentMethod = currentMethod.next;
ChallengeResult result = mechanism.sendChallenge(exchange, SecurityContextImpl.this);
if(result == null) {
throw UndertowMessages.MESSAGES.sendChallengeReturnedNull(mechanism);
}
if (result.isChallengeSent()) {
challengeSent = true;
Integer desiredCode = result.getDesiredResponseCode();
if (desiredCode != null && (chosenStatusCode == null || chosenStatusCode.equals(StatusCodes.OK))) {
chosenStatusCode = desiredCode;
if (chosenStatusCode.equals(StatusCodes.OK) == false) {
if(!exchange.isResponseStarted()) {
exchange.setStatusCode(chosenStatusCode);
}
}
}
}
// We always transition so we can reach the end of the list and hit the else.
return transition();
} else {
if(!exchange.isResponseStarted()) {
// Iterated all mechanisms, if OK it will not be set yet.
if (chosenStatusCode == null) {
if (challengeSent == false) {
// No mechanism generated a challenge so send a 403 as our challenge - i.e. just rejecting the request.
exchange.setStatusCode(StatusCodes.FORBIDDEN);
}
} else if (chosenStatusCode.equals(StatusCodes.OK)) {
exchange.setStatusCode(chosenStatusCode);
}
}
return AuthenticationState.CHALLENGE_SENT;
}
}
Example #9
| Source File: SpnegoBasicAuthenticationTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
protected List<AuthenticationMechanism> getTestMechanisms() {
ArrayList<AuthenticationMechanism> mechanisms = new ArrayList<>(super.getTestMechanisms());
mechanisms.add(BasicAuthenticationTestCase.getTestMechanism());
return mechanisms;
}
Example #10
| Source File: DigestAuthentication2069TestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
protected List<AuthenticationMechanism> getTestMechanisms() {
List<DigestQop> qopList = Collections.emptyList();
AuthenticationMechanism mechanism = new DigestAuthenticationMechanism(Collections.singletonList(DigestAlgorithm.MD5),
qopList, REALM_NAME, "/", new SimpleNonceManager());
return Collections.singletonList(mechanism);
}
Example #11
| Source File: SecurityContextImpl.java From quarkus-http with Apache License 2.0 | 5 votes |
|
private AuthenticationState transition() {
if (currentMethod != null) {
final AuthenticationMechanism mechanism = currentMethod.item;
currentMethod = currentMethod.next;
ChallengeResult result = mechanism.sendChallenge(exchange, SecurityContextImpl.this);
if(result == null) {
throw UndertowMessages.MESSAGES.sendChallengeReturnedNull(mechanism);
}
if (result.isChallengeSent()) {
challengeSent = true;
Integer desiredCode = result.getDesiredResponseCode();
if (desiredCode != null && (chosenStatusCode == null || chosenStatusCode.equals(StatusCodes.OK))) {
chosenStatusCode = desiredCode;
if (chosenStatusCode.equals(StatusCodes.OK) == false) {
if(!exchange.isResponseStarted()) {
exchange.setStatusCode(chosenStatusCode);
}
}
}
}
// We always transition so we can reach the end of the list and hit the else.
return transition();
} else {
if(!exchange.isResponseStarted()) {
// Iterated all mechanisms, if OK it will not be set yet.
if (chosenStatusCode == null) {
if (challengeSent == false) {
// No mechanism generated a challenge so send a 403 as our challenge - i.e. just rejecting the request.
exchange.setStatusCode(StatusCodes.FORBIDDEN);
}
} else if (chosenStatusCode.equals(StatusCodes.OK)) {
exchange.setStatusCode(chosenStatusCode);
}
}
return AuthenticationState.CHALLENGE_SENT;
}
}
Example #12
| Source File: SecurityContextImpl.java From quarkus-http with Apache License 2.0 | 5 votes |
|
private AuthenticationState transition() {
if (currentMethod != null) {
final AuthenticationMechanism mechanism = currentMethod.item;
currentMethod = currentMethod.next;
AuthenticationMechanismOutcome outcome = mechanism.authenticate(exchange, SecurityContextImpl.this);
if(UndertowLogger.SECURITY_LOGGER.isDebugEnabled()) {
UndertowLogger.SECURITY_LOGGER.tracef("Authentication outcome was %s with method %s for %s", outcome, mechanism, exchange.getRequestURI());
if(UndertowLogger.SECURITY_LOGGER.isTraceEnabled()) {
UndertowLogger.SECURITY_LOGGER.tracef("Contents of exchange after authentication attempt is %s", exchange);
}
}
if (outcome == null) {
throw UndertowMessages.MESSAGES.authMechanismOutcomeNull();
}
switch (outcome) {
case AUTHENTICATED:
// TODO - Should verify that the mechanism did register an authenticated Account.
return AuthenticationState.AUTHENTICATED;
case NOT_AUTHENTICATED:
// A mechanism attempted to authenticate but could not complete, this now means that
// authentication is required and challenges need to be sent.
setAuthenticationRequired();
return AuthenticationState.ATTEMPTED;
case NOT_ATTEMPTED:
// Time to try the next mechanism.
return transition();
default:
throw new IllegalStateException();
}
} else {
// Reached the end of the mechanisms and no mechanism authenticated for us to reach this point.
return AuthenticationState.ATTEMPTED;
}
}
Example #13
| Source File: SpnegoDigestAuthenticationTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
protected List<AuthenticationMechanism> getTestMechanisms() {
ArrayList<AuthenticationMechanism> mechanisms = new ArrayList<>(super.getTestMechanisms());
mechanisms.add(DigestAuthenticationAuthTestCase.getTestMechanism());
return mechanisms;
}
Example #14
| Source File: SecurityContextImpl.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public void addAuthenticationMechanism(final AuthenticationMechanism handler) {
// TODO - Do we want to change this so we can ensure the mechanisms are not modifiable mid request?
if(authMechanisms == null) {
authMechanisms = new Node<>(handler);
} else {
Node<AuthenticationMechanism> cur = authMechanisms;
while (cur.next != null) {
cur = cur.next;
}
cur.next = new Node<>(handler);
}
}
Example #15
| Source File: FormAuthTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
protected List<AuthenticationMechanism> getTestMechanisms() {
List<AuthenticationMechanism> ret = new ArrayList<>();
ret.add(new CachedAuthenticatedSessionMechanism());
ret.add(new FormAuthenticationMechanism("test", "/login", "/error"));
return ret;
}
Example #16
| Source File: DigestAuthenticationAuthTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
|
/**
* @see io.undertow.server.security.AuthenticationTestBase#getTestMechanisms()
*/
@Override
protected List<AuthenticationMechanism> getTestMechanisms() {
AuthenticationMechanism mechanism = getTestMechanism();
return Collections.singletonList(mechanism);
}
Example #17
| Source File: ServletFormAuthenticationMechanism.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public AuthenticationMechanism create(String mechanismName, IdentityManager identityManager, FormParserFactory formParserFactory, Map<String, String> properties) {
boolean saveOriginal = true;
if(properties.containsKey(SAVE_ORIGINAL_REQUEST)) {
saveOriginal = Boolean.parseBoolean(properties.get(SAVE_ORIGINAL_REQUEST));
}
return new ServletFormAuthenticationMechanism(formParserFactory, mechanismName, properties.get(LOGIN_PAGE), properties.get(ERROR_PAGE), identityManager, saveOriginal);
}
Example #18
| Source File: ServletFormAuthenticationMechanism.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public AuthenticationMechanism create(String mechanismName, IdentityManager identityManager, FormParserFactory formParserFactory, Map<String, String> properties) {
boolean saveOriginal = true;
if(properties.containsKey(SAVE_ORIGINAL_REQUEST)) {
saveOriginal = Boolean.parseBoolean(properties.get(SAVE_ORIGINAL_REQUEST));
}
return new ServletFormAuthenticationMechanism( formParserFactory, mechanismName, properties.get(LOGIN_PAGE), properties.get(ERROR_PAGE), identityManager, saveOriginal);
}
Example #19
| Source File: LogoutHandler.java From wildfly-core with GNU Lesser General Public License v2.1 | 5 votes |
|
private AuthenticationMechanism mechanism(final boolean opera, final boolean digest) {
if (digest) {
return opera ? fakeRealmdigestMechanism : digestMechanism;
} else {
return opera ? fakeRealmBasicMechanism : basicMechanism;
}
}
Example #20
| Source File: AuthenticationMechanismsHandler.java From lams with GNU General Public License v2.0 | 4 votes |
|
public AuthenticationMechanismsHandler(final List<AuthenticationMechanism> authenticationHandlers) {
this.authenticationMechanisms = authenticationHandlers.toArray(new AuthenticationMechanism[authenticationHandlers.size()]);
}
Example #21
| Source File: DeploymentImpl.java From lams with GNU General Public License v2.0 | 4 votes |
|
public void setAuthenticationMechanisms(List<AuthenticationMechanism> authenticationMechanisms) {
this.authenticationMechanisms = authenticationMechanisms;
}
Example #22
| Source File: DeploymentInfo.java From lams with GNU General Public License v2.0 | 4 votes |
|
public AuthenticationMechanism getJaspiAuthenticationMechanism() {
return jaspiAuthenticationMechanism;
}
Example #23
| Source File: DeploymentInfo.java From lams with GNU General Public License v2.0 | 4 votes |
|
public DeploymentInfo setJaspiAuthenticationMechanism(AuthenticationMechanism jaspiAuthenticationMechanism) {
this.jaspiAuthenticationMechanism = jaspiAuthenticationMechanism;
return this;
}
Example #24
| Source File: ImmediateAuthenticationMechanismFactory.java From lams with GNU General Public License v2.0 | 4 votes |
|
@Override
public AuthenticationMechanism create(String mechanismName, IdentityManager identityManager, FormParserFactory formParserFactory, Map<String, String> properties) {
return authenticationMechanism;
}
Example #25
| Source File: DeploymentImpl.java From lams with GNU General Public License v2.0 | 4 votes |
|
@Override
public List<AuthenticationMechanism> getAuthenticationMechanisms() {
return authenticationMechanisms;
}
Example #26
| Source File: ClientCertRenegotiationTestCase.java From quarkus-http with Apache License 2.0 | 4 votes |
|
@Override
protected List<AuthenticationMechanism> getTestMechanisms() {
AuthenticationMechanism mechanism = new ClientCertAuthenticationMechanism();
return Collections.singletonList(mechanism);
}
Example #27
| Source File: AuthenticationMechanismsHandler.java From lams with GNU General Public License v2.0 | 4 votes |
|
public AuthenticationMechanismsHandler(final HttpHandler next, final List<AuthenticationMechanism> authenticationMechanisms) {
this.next = next;
this.authenticationMechanisms = authenticationMechanisms.toArray(new AuthenticationMechanism[authenticationMechanisms.size()]);
}
Example #28
| Source File: DatawaveAuthenticationMechanism.java From datawave with Apache License 2.0 | 4 votes |
|
@Override
public AuthenticationMechanism create(String mechanismName, IdentityManager identityManager, FormParserFactory formParserFactory,
Map<String,String> properties) {
String forceRenegotiation = properties.get(ClientCertAuthenticationMechanism.FORCE_RENEGOTIATION);
return new DatawaveAuthenticationMechanism(mechanismName, (forceRenegotiation == null) || "true".equals(forceRenegotiation), identityManager);
}
Example #29
| Source File: DatawaveAuthenticationMechanism.java From datawave with Apache License 2.0 | 4 votes |
|
@Override
@Deprecated
public AuthenticationMechanism create(String mechanismName, FormParserFactory formParserFactory, Map<String,String> properties) {
return create(mechanismName, identityManager, formParserFactory, properties);
}
Example #30
| Source File: ImmediateAuthenticationMechanismFactory.java From lams with GNU General Public License v2.0 | 4 votes |
|
public ImmediateAuthenticationMechanismFactory(AuthenticationMechanism authenticationMechanism) {
this.authenticationMechanism = authenticationMechanism;
}
