public AuthenticationMechanismOutcome runCached(final HttpServerExchange exchange, final SecurityContext securityContext, final AuthenticatedSessionManager sessionManager) { AuthenticatedSession authSession = sessionManager.lookupSession(exchange); if (authSession != null) { Account account = getIdentityManager(securityContext).verify(authSession.getAccount()); if (account != null) { securityContext.authenticationComplete(account, authSession.getMechanism(), false); return AuthenticationMechanismOutcome.AUTHENTICATED; } else { sessionManager.clearSession(exchange); // We know we had a previously authenticated account but for some reason the IdentityManager is no longer // accepting it, we now return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } } else { // It is possible an AuthenticatedSessionManager could have been available even if there was no chance of it // loading a session. return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { AuthenticatedSessionManager sessionManager = exchange.getAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY); if (sessionManager != null) { return runCached(exchange, securityContext, sessionManager); } else { return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
private HttpHandler addFormSecurity(final HttpHandler toWrap, final IdentityManager identityManager) { HttpHandler handler = toWrap; handler = new AuthenticationCallHandler(handler); handler = new AuthenticationConstraintHandler(handler); final List<AuthenticationMechanism> mechanisms = new ArrayList<>(); mechanisms.add(new CachedAuthenticatedSessionMechanism()); mechanisms.add(new FormAuthenticationMechanism("oauth2", "/login", "/error", "/oauth2/code")); handler = new AuthenticationMechanismsHandler(handler, mechanisms); handler = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, identityManager, handler); handler = new SessionAttachmentHandler(handler, new InMemorySessionManager("oauth2"), new SessionCookieConfig()); return handler; }
private static HttpHandler addFormSecurity(final HttpHandler toWrap, final IdentityManager identityManager) { HttpHandler handler = toWrap; handler = new AuthenticationCallHandler(handler); handler = new AuthenticationConstraintHandler(handler); final List<AuthenticationMechanism> mechanisms = new ArrayList<>(); mechanisms.add(new CachedAuthenticatedSessionMechanism()); mechanisms.add(new FormAuthenticationMechanism("oauth2", "/login", "/error", "/oauth2/authorize")); handler = new AuthenticationMechanismsHandler(handler, mechanisms); handler = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, identityManager, handler); handler = new SessionAttachmentHandler(handler, new InMemorySessionManager("oauth2"), new SessionCookieConfig()); return handler; } }
handler = new ConstraintMatcherHandler(matches, handler, toWrap, errorPage); final List<AuthenticationMechanism> mechanisms = new LinkedList<AuthenticationMechanism>(); mechanisms.add(new CachedAuthenticatedSessionMechanism()); mechanisms.add(new UndertowAuthenticationMechanism(deploymentContext, userSessionManagement, nodesRegistrationManagement, -1, null)); handler = new AuthenticationMechanismsHandler(handler, mechanisms);
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { AuthenticatedSessionManager sessionManager = exchange.getAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY); if (sessionManager != null) { return runCached(exchange, securityContext, sessionManager); } else { return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
public AuthenticationMechanismOutcome runCached(final HttpServerExchange exchange, final SecurityContext securityContext, final AuthenticatedSessionManager sessionManager) { AuthenticatedSession authSession = sessionManager.lookupSession(exchange); if (authSession != null) { Account account = getIdentityManager(securityContext).verify(authSession.getAccount()); if (account != null) { securityContext.authenticationComplete(account, authSession.getMechanism(), false); return AuthenticationMechanismOutcome.AUTHENTICATED; } else { sessionManager.clearSession(exchange); // We know we had a previously authenticated account but for some reason the IdentityManager is no longer // accepting it, we now return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } } else { // It is possible an AuthenticatedSessionManager could have been available even if there was no chance of it // loading a session. return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
undertowMechanisms.add(wrap(new CachedAuthenticatedSessionMechanism(), null)); for (AuthMechanism current : mechanisms) { switch (current) {
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { AuthenticatedSessionManager sessionManager = exchange.getAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY); if (sessionManager != null) { return runCached(exchange, securityContext, sessionManager); } else { return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
public AuthenticationMechanismOutcome runCached(final HttpServerExchange exchange, final SecurityContext securityContext, final AuthenticatedSessionManager sessionManager) { AuthenticatedSession authSession = sessionManager.lookupSession(exchange); if (authSession != null) { Account account = getIdentityManager(securityContext).verify(authSession.getAccount()); if (account != null) { securityContext.authenticationComplete(account, authSession.getMechanism(), false); return AuthenticationMechanismOutcome.AUTHENTICATED; } else { sessionManager.clearSession(exchange); // We know we had a previously authenticated account but for some reason the IdentityManager is no longer // accepting it, we now return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } } else { // It is possible an AuthenticatedSessionManager could have been available even if there was no chance of it // loading a session. return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
authenticationMechanisms.add(new CachedAuthenticatedSessionMechanism()); //TODO: does this really need to be hard coded?
undertowMechanisms.add(wrap(new CachedAuthenticatedSessionMechanism(), null)); for (AuthMechanism current : mechanisms) { switch (current) {
authenticationMechanisms.add(new CachedAuthenticatedSessionMechanism()); //TODO: does this really need to be hard coded?
authenticationMechanisms.add(new CachedAuthenticatedSessionMechanism(identityManager));