return new ChallengeResult(true, UNAUTHORIZED);
return new ChallengeResult(true, UNAUTHORIZED);
public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) { if (exchange.getRequestPath().endsWith(postLocation) && exchange.getRequestMethod().equals(Methods.POST)) { UndertowLogger.SECURITY_LOGGER.debugf("Serving form auth error page %s for %s", loginPage, exchange); // This method would no longer be called if authentication had already occurred. Integer code = servePage(exchange, errorPage); return new ChallengeResult(true, code); } else { UndertowLogger.SECURITY_LOGGER.debugf("Serving login form %s for %s", loginPage, exchange); // we need to store the URL storeInitialLocation(exchange); // TODO - Rather than redirecting, in order to make this mechanism compatible with the other mechanisms we need to // return the actual error page not a redirect. Integer code = servePage(exchange, loginPage); return new ChallengeResult(true, code); } }
@Override public ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext) { return new ChallengeResult(false); }
@Override public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) { return new ChallengeResult(true); }
@Override public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) { return new ChallengeResult(true); }
@Override public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) { if(silent) { //if this is silent we only send a challenge if the request contained auth headers //otherwise we assume another method will send the challenge String authHeader = exchange.getRequestHeaders().getFirst(AUTHORIZATION); if(authHeader == null) { return ChallengeResult.NOT_SENT; } } exchange.getResponseHeaders().add(WWW_AUTHENTICATE, challenge); if(logger.isDebugEnabled()) logger.debug("Sending basic auth challenge %s for %s", challenge, exchange); return new ChallengeResult(true, UNAUTHORIZED); }
@Override public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) { if(silent) { //if this is silent we only send a challenge if the request contained auth headers //otherwise we assume another method will send the challenge String authHeader = exchange.getRequestHeaders().getFirst(AUTHORIZATION); if(authHeader == null) { return ChallengeResult.NOT_SENT; } } exchange.getResponseHeaders().add(WWW_AUTHENTICATE, challenge); UndertowLogger.SECURITY_LOGGER.debugf("Sending basic auth challenge %s for %s", challenge, exchange); return new ChallengeResult(true, UNAUTHORIZED); }
@Override public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) { exchange.getResponseHeaders().add(WWW_AUTHENTICATE, "Bearer {token}"); UndertowLogger.SECURITY_LOGGER.debugf("Sending Bearer {token} challenge for %s", exchange); return new ChallengeResult(true, UNAUTHORIZED); }
@Override public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) { AuthChallenge challenge = exchange.getAttachment(KEYCLOAK_CHALLENGE_ATTACHMENT_KEY); if (challenge != null) { UndertowHttpFacade facade = createFacade(exchange); if (challenge.challenge(facade)) { return new ChallengeResult(true, exchange.getResponseCode()); } } return new ChallengeResult(false); }
@Override public ChallengeResult sendChallenge(HttpServerExchange arg0, SecurityContext arg1) { // Anonymous will always succeed so no challenge to send. return new ChallengeResult(false); }
@Override public ChallengeResult sendChallenge( final HttpServerExchange exchange, final SecurityContext securityContext ) { logger.debug( "BASIC sendChallenge" ); exchange.getResponseHeaders() .add( new HttpString( "WWW-Authenticate" ), "BASIC realm=\"" + config.getRealm() + "\"" ); exchange.setResponseCode( 401 ); return new ChallengeResult( true, 401 ); }
@Override public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) { AuthChallenge challenge = exchange.getAttachment(KEYCLOAK_CHALLENGE_ATTACHMENT_KEY); if (challenge != null) { UndertowHttpFacade facade = createFacade(exchange); if (challenge.challenge(facade)) { return new ChallengeResult(true, exchange.getResponseCode()); } } return new ChallengeResult(false); }
@Override public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) { String authHeader = exchange.getRequestHeaders().getFirst(AUTHORIZATION); if (authHeader == null) { return new ChallengeResult(false); // --> FORBIDDEN } else { return new ChallengeResult(true, UNAUTHORIZED); } }
@Override public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange hse, SecurityContext sc) { return new AuthenticationMechanism.ChallengeResult(true, 200); } }
@Override public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) { return new ChallengeResult(true, UNAUTHORIZED); } }
@Override public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange hse, SecurityContext sc ) { return new AuthenticationMechanism.ChallengeResult(true, 200); }
public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) { NegotiationContext negContext = exchange.getAttachment(NegotiationContext.ATTACHMENT_KEY); String header = NEGOTIATION_PLAIN; if (negContext != null) { byte[] responseChallenge = negContext.useResponseToken(); exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, null); if (responseChallenge != null) { header = NEGOTIATE_PREFIX + FlexBase64.encodeString(responseChallenge, false); } } else { Subject server = null; try { server = subjectFactory.getSubjectForHost(getHostName(exchange)); } catch (GeneralSecurityException e) { // Deliberately ignore - no Subject so don't offer GSSAPI is our main concern here. } if (server == null) { return ChallengeResult.NOT_SENT; } } exchange.getResponseHeaders().add(WWW_AUTHENTICATE, header); UndertowLogger.SECURITY_LOGGER.debugf("Sending GSSAPI challenge for %s", exchange); return new ChallengeResult(true, UNAUTHORIZED); }
@Override public ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) { if(silent) { //if this is silent we only send a challenge if the request contained auth headers //otherwise we assume another method will send the challenge String authHeader = exchange.getRequestHeaders().getFirst(AUTHORIZATION); if(authHeader == null) { return ChallengeResult.NOT_SENT; } } exchange.getResponseHeaders().add(WWW_AUTHENTICATE, challenge); UndertowLogger.SECURITY_LOGGER.debugf("Sending basic auth challenge %s for %s", challenge, exchange); return new ChallengeResult(true, UNAUTHORIZED); }
@Override public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) { return new ChallengeResult(true); }