Java Code Examples for io.undertow.servlet.api.SecurityInfo.EmptyRoleSemantic#AUTHENTICATE

The following examples show how to use io.undertow.servlet.api.SecurityInfo.EmptyRoleSemantic#AUTHENTICATE . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ServletAuthenticationConstraintHandler.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
@Override
protected boolean isAuthenticationRequired(final HttpServerExchange exchange) {
    //j_security_check always requires auth
    if (exchange.getRelativePath().endsWith(ServletFormAuthenticationMechanism.DEFAULT_POST_LOCATION)) {
        return true;
    }
    List<SingleConstraintMatch> constraints = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getRequiredConstrains();

    /*
     * Even once this is set to true the reason we allow the loop to continue is in case an empty role with a semantic of
     * deny is found as that will override everything.
     */
    boolean authenticationRequired = false;
    for (SingleConstraintMatch constraint : constraints) {
        if (constraint.getRequiredRoles().isEmpty()) {
            if (constraint.getEmptyRoleSemantic() == EmptyRoleSemantic.DENY) {
                /*
                 * For this case we return false as we know it can never be satisfied.
                 */
                return false;
            } else if (constraint.getEmptyRoleSemantic() == EmptyRoleSemantic.AUTHENTICATE) {
                authenticationRequired = true;
            }
        } else {
            authenticationRequired = true;
        }
    }
    if(authenticationRequired) {
        UndertowLogger.SECURITY_LOGGER.debugf("Authenticating required for request %s", exchange);
    }
    return authenticationRequired;
}
 
Example 2
Source File: ServletAuthenticationConstraintHandler.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
@Override
protected boolean isAuthenticationRequired(final HttpServerExchange exchange) {
    //j_security_check always requires auth
    if (exchange.getRelativePath().endsWith(ServletFormAuthenticationMechanism.DEFAULT_POST_LOCATION)) {
        return true;
    }
    List<SingleConstraintMatch> constraints = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getRequiredConstrains();

    /*
     * Even once this is set to true the reason we allow the loop to continue is in case an empty role with a semantic of
     * deny is found as that will override everything.
     */
    boolean authenticationRequired = false;
    for (SingleConstraintMatch constraint : constraints) {
        if (constraint.getRequiredRoles().isEmpty()) {
            if (constraint.getEmptyRoleSemantic() == EmptyRoleSemantic.DENY) {
                /*
                 * For this case we return false as we know it can never be satisfied.
                 */
                return false;
            } else if (constraint.getEmptyRoleSemantic() == EmptyRoleSemantic.AUTHENTICATE) {
                authenticationRequired = true;
            }
        } else {
            authenticationRequired = true;
        }
    }
    if(authenticationRequired) {
        UndertowLogger.SECURITY_LOGGER.debugf("Authenticating required for request %s", exchange);
    }
    return authenticationRequired;
}