io.undertow.security.api.AuthenticationMode Java Examples

Example #1
Source File: AuthConfiguration.java    From haven-platform with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the Undertow customizer that puts the deployment behind HTTP Basic authentication.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>When {@code encodedPass} is empty the customizer returns without touching the deployment:
 *       this method then installs no constraint, login config or identity manager, so whether the
 *       deployment is protected depends entirely on configuration done elsewhere.</li>
 *   <li>Basic authentication sends the credentials with every request, so the endpoint should only
 *       be reachable over TLS.</li>
 * </ul>
 *
 * @return a customizer that is a no-op when no password is configured
 */
private UndertowDeploymentInfoCustomizer enableAuthUDICustomizer() {
    return (DeploymentInfo deployment) -> {
        if (!StringUtils.isEmpty(encodedPass)) {
            // No roles are listed, so AUTHENTICATE means "any authenticated user".
            SecurityConstraint authenticateAll = new SecurityConstraint();
            authenticateAll.setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.AUTHENTICATE);
            // An empty web resource collection is interpreted as the default one.
            authenticateAll.addWebResourceCollection(new WebResourceCollection());
            deployment.addSecurityConstraints(authenticateAll);

            deployment.setSecurityDisabled(false);
            // PRO_ACTIVE: the mechanisms also run for requests that no constraint covers.
            deployment.setAuthenticationMode(AuthenticationMode.PRO_ACTIVE);
            deployment.setLoginConfig(new LoginConfig(HttpServletRequest.BASIC_AUTH, "Haven Agent"));
            // NOTE(review): presumably encodedPass is a hashed/encoded form, not the clear-text
            // password; confirm against IdentityManagerImpl.
            deployment.setIdentityManager(new IdentityManagerImpl(encodedPass));
        }
    };
}
 
Example #2
Source File: SecurityContextImpl.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Decides, from the current authentication state, whether a further authentication
 * transition should be made for this request.
 *
 * @return {@code true} if authentication should be attempted or challenges should be sent
 */
private boolean authTransitionRequired() {
    final boolean transitionNeeded;
    switch (authenticationState) {
        case NOT_ATTEMPTED:
            // Nothing has been tried yet: authenticate when a constraint requires it, or
            // unconditionally when the deployment is pro-active.
            transitionNeeded = isAuthenticationRequired() || authenticationMode == AuthenticationMode.PRO_ACTIVE;
            break;
        case ATTEMPTED:
            // ATTEMPTED implies the request is not AUTHENTICATED, so when authentication is
            // required the next step is to send the challenges.
            transitionNeeded = isAuthenticationRequired();
            break;
        default:
            // AUTHENTICATED or CHALLENGE_SENT: no further transition applies to this request.
            transitionNeeded = false;
            break;
    }
    return transitionNeeded;
}
 
Example #3
Source File: SecurityContextImpl.java    From quarkus-http with Apache License 2.0 6 votes vote down vote up
/**
 * Decides, from the current authentication state, whether a further authentication
 * transition should be made for this request.
 *
 * @return {@code true} if authentication should be attempted or challenges should be sent
 */
private boolean authTransitionRequired() {
    final boolean transitionNeeded;
    switch (authenticationState) {
        case NOT_ATTEMPTED:
            // Nothing has been tried yet: authenticate when a constraint requires it, or
            // unconditionally when the deployment is pro-active.
            transitionNeeded = isAuthenticationRequired() || authenticationMode == AuthenticationMode.PRO_ACTIVE;
            break;
        case ATTEMPTED:
            // ATTEMPTED implies the request is not AUTHENTICATED, so when authentication is
            // required the next step is to send the challenges.
            transitionNeeded = isAuthenticationRequired();
            break;
        default:
            // AUTHENTICATED or CHALLENGE_SENT: no further transition applies to this request.
            transitionNeeded = false;
            break;
    }
    return transitionNeeded;
}
 
Example #4
Source File: SecurityActions.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@code SecurityContextImpl}, inside a privileged action when a
 * {@code SecurityManager} is installed.
 *
 * <p>Security note: the privileged block contains nothing but the constructor call, and the
 * method is package-private. Both properties matter: the {@code SecurityContextImpl}
 * constructor checks a permission when a security manager is present, so widening this
 * method's visibility would let arbitrary callers create contexts with this class's
 * privileges instead of their own.
 *
 * @param exchange           the exchange the context belongs to
 * @param authenticationMode the authentication mode for the context
 * @param identityManager    the identity manager handed to the context
 * @return the new security context
 */
static SecurityContextImpl createSecurityContextImpl(final HttpServerExchange exchange, final AuthenticationMode authenticationMode, final IdentityManager identityManager) {
    if (System.getSecurityManager() != null) {
        final PrivilegedAction<SecurityContextImpl> construct = new PrivilegedAction<SecurityContextImpl>() {
            @Override
            public SecurityContextImpl run() {
                return new SecurityContextImpl(exchange, authenticationMode, identityManager);
            }
        };
        return AccessController.doPrivileged(construct);
    }
    // No security manager: a plain constructor call is sufficient.
    return new SecurityContextImpl(exchange, authenticationMode, identityManager);
}
 
Example #5
Source File: SecurityActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Creates a {@code SecurityContextImpl}, inside a privileged action when a
 * {@code SecurityManager} is installed.
 *
 * <p>Security note: the privileged block contains nothing but the constructor call, and the
 * method is package-private. Both properties matter: the {@code SecurityContextImpl}
 * constructor checks a permission when a security manager is present, so widening this
 * method's visibility would let arbitrary callers create contexts with this class's
 * privileges instead of their own.
 *
 * @param exchange           the exchange the context belongs to
 * @param authenticationMode the authentication mode for the context
 * @param identityManager    the identity manager handed to the context
 * @return the new security context
 */
static SecurityContextImpl createSecurityContextImpl(final HttpServerExchange exchange, final AuthenticationMode authenticationMode, final IdentityManager identityManager) {
    if (System.getSecurityManager() != null) {
        final PrivilegedAction<SecurityContextImpl> construct = new PrivilegedAction<SecurityContextImpl>() {
            @Override
            public SecurityContextImpl run() {
                return new SecurityContextImpl(exchange, authenticationMode, identityManager);
            }
        };
        return AccessController.doPrivileged(construct);
    }
    // No security manager: a plain constructor call is sufficient.
    return new SecurityContextImpl(exchange, authenticationMode, identityManager);
}
 
Example #6
Source File: SecurityContextFactoryImpl.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Creates the security context for an exchange and, when one is supplied, records the
 * name of the programmatic authentication mechanism on it.
 *
 * @param exchange             the exchange the context belongs to
 * @param mode                 the authentication mode for the context
 * @param identityManager      the identity manager handed to the context
 * @param programmaticMechName mechanism name to set on the context; {@code null} leaves it unset
 * @return the new security context
 */
@Override
public SecurityContext createSecurityContext(final HttpServerExchange exchange, final AuthenticationMode mode,
    final IdentityManager identityManager, final String programmaticMechName) {
    // Construction goes through SecurityActions rather than calling the constructor directly.
    final SecurityContextImpl context = SecurityActions.createSecurityContextImpl(exchange, mode, identityManager);
    if (programmaticMechName == null) {
        return context;
    }
    context.setProgramaticMechName(programmaticMechName);
    return context;
}
 
Example #7
Source File: SecurityContextImpl.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Creates a security context for the given exchange.
 *
 * <p>When a {@code SecurityManager} is installed, the caller must hold {@code PERMISSION};
 * otherwise {@code checkPermission} throws and construction fails. Neither argument is
 * null-checked here.
 *
 * <p>NOTE(review): the check runs after {@code super(exchange)} and the field assignments.
 * If this class can be subclassed, confirm that a failed check cannot leave a partially
 * constructed instance reachable (for example through a finalizer).
 *
 * @param exchange           the exchange the context belongs to
 * @param authenticationMode the authentication mode to store
 * @param identityManager    the identity manager to store
 */
public SecurityContextImpl(final HttpServerExchange exchange, final AuthenticationMode authenticationMode, final IdentityManager identityManager) {
    super(exchange);
    this.identityManager = identityManager;
    this.authenticationMode = authenticationMode;
    // Only enforced in environments that run with a security manager.
    if (System.getSecurityManager() != null) {
        System.getSecurityManager().checkPermission(PERMISSION);
    }
}
 
Example #8
Source File: SecurityInitialHandler.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Creates the handler and stores the collaborators it was given.
 *
 * <p>No argument is validated here; in particular a {@code null} authentication mode or
 * identity manager is accepted as-is.
 *
 * @param authenticationMode  the authentication mode to store
 * @param identityManager     the identity manager to store
 * @param programaticMechName name of the programmatic mechanism; other constructors of this class pass {@code null}
 * @param contextFactory      the security context factory to store
 * @param next                the next handler, passed to the superclass
 */
public SecurityInitialHandler(final AuthenticationMode authenticationMode, final IdentityManager identityManager,
        final String programaticMechName, final SecurityContextFactory contextFactory, final HttpHandler next) {
    super(next);
    this.contextFactory = contextFactory;
    this.programaticMechName = programaticMechName;
    this.identityManager = identityManager;
    this.authenticationMode = authenticationMode;
}
 
Example #9
Source File: SecurityContextFactoryImpl.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
/**
 * Creates the security context for an exchange and, when one is supplied, records the
 * name of the programmatic authentication mechanism on it.
 *
 * @param exchange             the exchange the context belongs to
 * @param mode                 the authentication mode for the context
 * @param identityManager      the identity manager handed to the context
 * @param programmaticMechName mechanism name to set on the context; {@code null} leaves it unset
 * @return the new security context
 */
@Override
public SecurityContext createSecurityContext(final HttpServerExchange exchange, final AuthenticationMode mode,
    final IdentityManager identityManager, final String programmaticMechName) {
    // Construction goes through SecurityActions rather than calling the constructor directly.
    final SecurityContextImpl context = SecurityActions.createSecurityContextImpl(exchange, mode, identityManager);
    if (programmaticMechName == null) {
        return context;
    }
    context.setProgramaticMechName(programmaticMechName);
    return context;
}
 
Example #10
Source File: SecurityContextImpl.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a security context for the given exchange.
 *
 * <p>When a {@code SecurityManager} is installed, the caller must hold {@code PERMISSION};
 * otherwise {@code checkPermission} throws and construction fails. Neither argument is
 * null-checked here.
 *
 * <p>NOTE(review): the check runs after {@code super(exchange)} and the field assignments.
 * If this class can be subclassed, confirm that a failed check cannot leave a partially
 * constructed instance reachable (for example through a finalizer).
 *
 * @param exchange           the exchange the context belongs to
 * @param authenticationMode the authentication mode to store
 * @param identityManager    the identity manager to store
 */
public SecurityContextImpl(final HttpServerExchange exchange, final AuthenticationMode authenticationMode, final IdentityManager identityManager) {
    super(exchange);
    this.identityManager = identityManager;
    this.authenticationMode = authenticationMode;
    // Only enforced in environments that run with a security manager.
    if (System.getSecurityManager() != null) {
        System.getSecurityManager().checkPermission(PERMISSION);
    }
}
 
Example #11
Source File: SecurityInitialHandler.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
/**
 * Creates the handler and stores the collaborators it was given.
 *
 * <p>No argument is validated here; in particular a {@code null} authentication mode or
 * identity manager is accepted as-is.
 *
 * @param authenticationMode  the authentication mode to store
 * @param identityManager     the identity manager to store
 * @param programaticMechName name of the programmatic mechanism; other constructors of this class pass {@code null}
 * @param contextFactory      the security context factory to store
 * @param next                the next handler, passed to the superclass
 */
public SecurityInitialHandler(final AuthenticationMode authenticationMode, final IdentityManager identityManager,
        final String programaticMechName, final SecurityContextFactory contextFactory, final HttpHandler next) {
    super(next);
    this.contextFactory = contextFactory;
    this.programaticMechName = programaticMechName;
    this.identityManager = identityManager;
    this.authenticationMode = authenticationMode;
}
 
Example #12
Source File: SecurityContextImpl.java    From quarkus-http with Apache License 2.0 4 votes vote down vote up
/**
 * Creates a security context that defaults to {@link AuthenticationMode#PRO_ACTIVE}.
 *
 * <p>Callers that want authentication to run only for constrained resources must use the
 * three-argument constructor and pass the mode explicitly.
 *
 * @param exchange        the exchange the context belongs to
 * @param identityManager the identity manager to store
 */
public SecurityContextImpl(final HttpServerExchange exchange, final IdentityManager identityManager) {
    this(exchange, AuthenticationMode.PRO_ACTIVE, identityManager);
}
 
Example #13
Source File: DeploymentInfo.java    From quarkus-http with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the authentication mode currently stored on this deployment.
 *
 * @return the stored authentication mode
 */
public AuthenticationMode getAuthenticationMode() {
    return this.authenticationMode;
}
 
Example #14
Source File: SecurityInitialHandler.java    From quarkus-http with Apache License 2.0 4 votes vote down vote up
/**
 * Creates the handler with no programmatic mechanism name and the default
 * {@code SecurityContextFactoryImpl.INSTANCE} context factory.
 *
 * @param authenticationMode the authentication mode to store
 * @param identityManager    the identity manager to store
 * @param next               the next handler in the chain
 */
public SecurityInitialHandler(final AuthenticationMode authenticationMode, final IdentityManager identityManager,
        final HttpHandler next) {
    this(authenticationMode, identityManager, null, SecurityContextFactoryImpl.INSTANCE, next);
}
 
Example #15
Source File: SecurityInitialHandler.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Creates the handler with the default {@code SecurityContextFactoryImpl.INSTANCE}
 * context factory.
 *
 * @param authenticationMode  the authentication mode to store
 * @param identityManager     the identity manager to store
 * @param programaticMechName name of the programmatic mechanism, passed through unchanged
 * @param next                the next handler in the chain
 */
public SecurityInitialHandler(final AuthenticationMode authenticationMode, final IdentityManager identityManager,
        final String programaticMechName, final HttpHandler next) {
    this(authenticationMode, identityManager, programaticMechName, SecurityContextFactoryImpl.INSTANCE, next);
}
 
Example #16
Source File: SecurityInitialHandler.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Creates the handler with no programmatic mechanism name and the default
 * {@code SecurityContextFactoryImpl.INSTANCE} context factory.
 *
 * @param authenticationMode the authentication mode to store
 * @param identityManager    the identity manager to store
 * @param next               the next handler in the chain
 */
public SecurityInitialHandler(final AuthenticationMode authenticationMode, final IdentityManager identityManager,
        final HttpHandler next) {
    this(authenticationMode, identityManager, null, SecurityContextFactoryImpl.INSTANCE, next);
}
 
Example #17
Source File: SecurityContextImpl.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Creates a security context that defaults to {@link AuthenticationMode#PRO_ACTIVE}.
 *
 * <p>Callers that want authentication to run only for constrained resources must use the
 * three-argument constructor and pass the mode explicitly.
 *
 * @param exchange        the exchange the context belongs to
 * @param identityManager the identity manager to store
 */
public SecurityContextImpl(final HttpServerExchange exchange, final IdentityManager identityManager) {
    this(exchange, AuthenticationMode.PRO_ACTIVE, identityManager);
}
 
Example #18
Source File: SecurityInitialHandler.java    From quarkus-http with Apache License 2.0 4 votes vote down vote up
/**
 * Creates the handler with the default {@code SecurityContextFactoryImpl.INSTANCE}
 * context factory.
 *
 * @param authenticationMode  the authentication mode to store
 * @param identityManager     the identity manager to store
 * @param programaticMechName name of the programmatic mechanism, passed through unchanged
 * @param next                the next handler in the chain
 */
public SecurityInitialHandler(final AuthenticationMode authenticationMode, final IdentityManager identityManager,
        final String programaticMechName, final HttpHandler next) {
    this(authenticationMode, identityManager, programaticMechName, SecurityContextFactoryImpl.INSTANCE, next);
}
 
Example #19
Source File: ServletFormAuthURLRewriteTestCase.java    From quarkus-http with Apache License 2.0 4 votes vote down vote up
/**
 * Deploys the FORM-authentication test application with URL-based session tracking and
 * installs it as the root handler of the test server.
 *
 * <p>Three servlets under {@code /secured/} require {@code role1}; the login servlet is
 * mapped to {@code /FormLoginServlet}. The credentials below are test fixtures only.
 *
 * @throws ServletException if deploying or starting the application fails
 */
@BeforeClass
public static void setup() throws ServletException {
    final PathHandler rootPaths = new PathHandler();
    final ServletContainer servletContainer = ServletContainer.Factory.newInstance();

    final ServletInfo securedServlet = new ServletInfo("servlet", SendUsernameServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/*");

    final ServletInfo echoServlet = new ServletInfo("echo", EchoServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/echo");

    final ServletInfo echoParamServlet = new ServletInfo("echoParam", RequestParamEchoServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/echoParam");

    // NOTE(review): the login servlet is restricted to "group1", a role the only fixture user
    // does not hold; presumably the FORM mechanism reaches it without applying this
    // constraint. Confirm this is intended.
    final ServletInfo loginServlet = new ServletInfo("loginPage", FormLoginServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("group1"))
            .addMapping("/FormLoginServlet");

    // Hard-coded account for the test realm only; never reuse outside tests.
    final ServletIdentityManager testUsers = new ServletIdentityManager();
    testUsers.addUser("user1", "password1", "role1");

    // SessionTrackingMode.URL puts the session id into the URL, where it can surface in logs,
    // browser history and Referer headers; this test enables that mode deliberately.
    final ServletSessionConfig urlSessions = new ServletSessionConfig()
            .setSessionTrackingModes(Collections.singleton(SessionTrackingMode.URL));

    // CONSTRAINT_DRIVEN: authentication mechanisms are only called for protected resources.
    final DeploymentInfo deployment = new DeploymentInfo()
            .setServletSessionConfig(urlSessions)
            .setClassLoader(SimpleServletTestCase.class.getClassLoader())
            .setContextPath("/servletContext")
            .setClassIntrospecter(TestClassIntrospector.INSTANCE)
            .setDeploymentName("servletContext.war")
            .setAuthenticationMode(AuthenticationMode.CONSTRAINT_DRIVEN)
            .setIdentityManager(testUsers)
            .setLoginConfig(new LoginConfig("FORM", "Test Realm", "/FormLoginServlet", "/error.html"))
            .addServlets(securedServlet, loginServlet, echoServlet, echoParamServlet);

    final DeploymentManager deploymentManager = servletContainer.addDeployment(deployment);
    deploymentManager.deploy();
    rootPaths.addPrefixPath(deployment.getContextPath(), deploymentManager.start());

    DefaultServer.setRootHandler(rootPaths);
}
 
Example #20
Source File: ServletFormAuthTestCase.java    From quarkus-http with Apache License 2.0 4 votes vote down vote up
/**
 * Deploys the FORM-authentication test application and installs it as the root handler
 * of the test server.
 *
 * <p>Three servlets under {@code /secured/} require {@code role1}; the login servlet is
 * mapped to {@code /FormLoginServlet}. The credentials below are test fixtures only.
 *
 * @throws ServletException if deploying or starting the application fails
 */
@BeforeClass
public static void setup() throws ServletException {
    final PathHandler rootPaths = new PathHandler();
    final ServletContainer servletContainer = ServletContainer.Factory.newInstance();

    final ServletInfo securedServlet = new ServletInfo("servlet", SendUsernameServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/*");

    final ServletInfo echoServlet = new ServletInfo("echo", EchoServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/echo");

    final ServletInfo echoParamServlet = new ServletInfo("echoParam", RequestParamEchoServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/echoParam");

    // NOTE(review): the login servlet is restricted to "group1", a role the only fixture user
    // does not hold; presumably the FORM mechanism reaches it without applying this
    // constraint. Confirm this is intended.
    final ServletInfo loginServlet = new ServletInfo("loginPage", FormLoginServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("group1"))
            .addMapping("/FormLoginServlet");

    // Hard-coded account for the test realm only; never reuse outside tests.
    final ServletIdentityManager testUsers = new ServletIdentityManager();
    testUsers.addUser("user1", "password1", "role1");

    // CONSTRAINT_DRIVEN: authentication mechanisms are only called for protected resources.
    final DeploymentInfo deployment = new DeploymentInfo()
            .setClassLoader(SimpleServletTestCase.class.getClassLoader())
            .setContextPath("/servletContext")
            .setClassIntrospecter(TestClassIntrospector.INSTANCE)
            .setDeploymentName("servletContext.war")
            .setAuthenticationMode(AuthenticationMode.CONSTRAINT_DRIVEN)
            .setIdentityManager(testUsers)
            .setLoginConfig(new LoginConfig("FORM", "Test Realm", "/FormLoginServlet", "/error.html"))
            .addServlets(securedServlet, loginServlet, echoServlet, echoParamServlet);

    final DeploymentManager deploymentManager = servletContainer.addDeployment(deployment);
    deploymentManager.deploy();
    rootPaths.addPrefixPath(deployment.getContextPath(), deploymentManager.start());

    DefaultServer.setRootHandler(rootPaths);
}
 
Example #21
Source File: DeploymentInfo.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Returns the authentication mode currently stored on this deployment.
 *
 * @return the stored authentication mode
 */
public AuthenticationMode getAuthenticationMode() {
    return this.authenticationMode;
}
 
Example #22
Source File: DeploymentInfo.java    From lams with GNU General Public License v2.0 2 votes vote down vote up
/**
 * Sets whether this deployment uses pro-active authentication, which always authenticates when
 * credentials are present, or constraint-driven authentication, which only calls the
 * authentication mechanisms for protected resources.
 *
 * <p>Pro-active authentication means that requests for unprotected resources are still associated
 * with a user, which may be useful for access logging. It also means that credentials sent with
 * such requests are processed by the authentication mechanisms.
 *
 * <p>The value is stored as given; {@code null} is not rejected here.
 *
 * @param authenticationMode the authentication mode to use
 * @return this {@code DeploymentInfo}, so that calls can be chained
 */
public DeploymentInfo setAuthenticationMode(AuthenticationMode authenticationMode) {
    this.authenticationMode = authenticationMode;
    return this;
}
 
Example #23
Source File: DeploymentInfo.java    From quarkus-http with Apache License 2.0 2 votes vote down vote up
/**
 * Sets whether this deployment uses pro-active authentication, which always authenticates when
 * credentials are present, or constraint-driven authentication, which only calls the
 * authentication mechanisms for protected resources.
 *
 * <p>Pro-active authentication means that requests for unprotected resources are still associated
 * with a user, which may be useful for access logging. It also means that credentials sent with
 * such requests are processed by the authentication mechanisms.
 *
 * <p>The value is stored as given; {@code null} is not rejected here.
 *
 * @param authenticationMode the authentication mode to use
 * @return this {@code DeploymentInfo}, so that calls can be chained
 */
public DeploymentInfo setAuthenticationMode(AuthenticationMode authenticationMode) {
    this.authenticationMode = authenticationMode;
    return this;
}