@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { String principal = exchange.getAttachment(EXTERNAL_PRINCIPAL); if(principal == null) { return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } Account account = getIdentityManager(securityContext).verify(principal, ExternalCredential.INSTANCE); if(account == null) { return AuthenticationMechanismOutcome.NOT_AUTHENTICATED; } String name = exchange.getAttachment(EXTERNAL_AUTHENTICATION_TYPE); securityContext.authenticationComplete(account, name != null ? name: this.name, false); return AuthenticationMechanismOutcome.AUTHENTICATED; }
Account account = idm.verify(userName, credential); if (account != null) { securityContext.authenticationComplete(account, name, false); result = AuthenticationMechanismOutcome.AUTHENTICATED; } else {
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { String principal = getPrincipal(exchange); if(principal == null) { return NOT_ATTEMPTED; } String session = getSession(exchange); if(session == null) { return NOT_ATTEMPTED; } Account account = identityManager.verify(principal, new PasswordCredential(session.toCharArray())); if(account == null) { securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(principal), mechanismName); return NOT_AUTHENTICATED; } securityContext.authenticationComplete(account, mechanismName, false); return AUTHENTICATED; }
securityContext.authenticationComplete(account, mechanismName, false); return AuthenticationMechanismOutcome.AUTHENTICATED;
securityContext.authenticationComplete(account, mechanismName, true); return AuthenticationMechanismOutcome.AUTHENTICATED;
public AuthenticationMechanismOutcome runCached(final HttpServerExchange exchange, final SecurityContext securityContext, final AuthenticatedSessionManager sessionManager) { AuthenticatedSession authSession = sessionManager.lookupSession(exchange); if (authSession != null) { Account account = getIdentityManager(securityContext).verify(authSession.getAccount()); if (account != null) { securityContext.authenticationComplete(account, authSession.getMechanism(), false); return AuthenticationMechanismOutcome.AUTHENTICATED; } else { sessionManager.clearSession(exchange); // We know we had a previously authenticated account but for some reason the IdentityManager is no longer // accepting it, we now return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } } else { // It is possible an AuthenticatedSessionManager could have been available even if there was no chance of it // loading a session. return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
public AuthenticationMechanismOutcome authenticate(final HttpServerExchange exchange, final SecurityContext securityContext) { SSLSessionInfo sslSession = exchange.getConnection().getSslSessionInfo(); if (sslSession != null) { try { Certificate[] clientCerts = getPeerCertificates(exchange, sslSession, securityContext); if (clientCerts[0] instanceof X509Certificate) { Credential credential = new X509CertificateCredential((X509Certificate) clientCerts[0]); IdentityManager idm = getIdentityManager(securityContext); Account account = idm.verify(credential); if (account != null) { securityContext.authenticationComplete(account, name, false); return AuthenticationMechanismOutcome.AUTHENTICATED; } } } catch (SSLPeerUnverifiedException e) { // No action - this mechanism can not attempt authentication without peer certificates so allow it to drop out // to NOT_ATTEMPTED. } } /* * For ClientCert we do not have a concept of a failed authentication, if the client did use a key then it was deemed * acceptable for the connection to be established, this mechanism then just 'attempts' to use it for authentication but * does not mandate success. */ return AuthenticationMechanismOutcome.NOT_ATTEMPTED; }
final Account account = identityManager.verify(new GSSContextCredential(negContext.getGssContext())); if (account != null) { securityContext.authenticationComplete(account, name, false); UndertowLogger.SECURITY_LOGGER.debugf("Authenticated as user %s with existing GSSAPI negotiation context for %s", account.getPrincipal().getName(), exchange); return AuthenticationMechanismOutcome.AUTHENTICATED;
securityContext.authenticationComplete(verified, sso.getMechanismName(), false); securityContext.registerNotificationReceiver(new NotificationReceiver() { @Override
final Account account = identityManager.verify(new GSSContextCredential(negContext.getGssContext())); if (account != null) { securityContext.authenticationComplete(account, name, false); return AuthenticationMechanismOutcome.AUTHENTICATED; } else {
Account account = identityManager.verify(userName, credential); if (account != null) { securityContext.authenticationComplete(account, name, true); UndertowLogger.SECURITY_LOGGER.debugf("Authenticated user %s using for auth for %s", account.getPrincipal().getName(), exchange); outcome = AuthenticationMechanismOutcome.AUTHENTICATED;
cache = Boolean.valueOf((String)registerObj); sc.authenticationComplete(authenticatedAccount, authType, cache); } else if (isValid && authenticatedAccount == null && !isMandatory(requestContext)) { outcome = AuthenticationMechanismOutcome.NOT_ATTEMPTED;
@Override protected void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) { KeycloakUndertowAccount account = createAccount(principal); securityContext.authenticationComplete(account, method, false); propagateKeycloakContext(account); }
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext context) { Principal user = new RealmUser(ANONYMOUS_USER); Subject subject = new Subject(); subject.getPrincipals().add(user); SocketAddress address = exchange.getConnection().getPeerAddress(); if (address instanceof InetSocketAddress) { subject.getPrincipals().add(new InetAddressPrincipal(((InetSocketAddress) address).getAddress())); } context.authenticationComplete(new RealmIdentityAccount(subject, user), ANONYMOUS_MECH, false); return AuthenticationMechanismOutcome.AUTHENTICATED; }
@Override protected void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) { KeycloakUndertowAccount account = createAccount(principal); securityContext.authenticationComplete(account, method, false); propagateKeycloakContext(account); }
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { final String principal = principalResolver.get(exchange.getSourceAddress().getAddress()); if (principal == null) return AuthenticationMechanismOutcome.NOT_ATTEMPTED; final Account account = identityManager.verify(principal, ExternalCredential.INSTANCE); if (account == null) return AuthenticationMechanismOutcome.NOT_AUTHENTICATED; securityContext.authenticationComplete(account, NAME, false); return AuthenticationMechanismOutcome.AUTHENTICATED; }
@Override protected void completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) { KeycloakUndertowAccount account = createAccount(principal); securityContext.authenticationComplete(account, "KEYCLOAK", false); propagateKeycloakContext(account); tokenStore.saveAccountInfo(account); }
@Override protected void completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) { KeycloakUndertowAccount account = createAccount(principal); securityContext.authenticationComplete(account, "KEYCLOAK", false); propagateKeycloakContext(account); tokenStore.saveAccountInfo(account); }
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { String principal = exchange.getAttachment(EXTERNAL_PRINCIPAL); if(principal == null) { return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } Account account = getIdentityManager(securityContext).verify(principal, ExternalCredential.INSTANCE); if(account == null) { return AuthenticationMechanismOutcome.NOT_AUTHENTICATED; } String name = exchange.getAttachment(EXTERNAL_AUTHENTICATION_TYPE); securityContext.authenticationComplete(account, name != null ? name: this.name, false); return AuthenticationMechanismOutcome.AUTHENTICATED; }
private AuthenticationMechanismOutcome authenticated(HttpServerExchange exchange, SecurityContext securityContext, Account account) { if (exchange.getRequestHeaders().contains(HEADER_PROXIED_ENTITIES)) { exchange.getResponseHeaders().add(HEADER_PROXIED_ENTITIES_ACCEPTED, "true"); } securityContext.authenticationComplete(account, name, false); addTimingRequestHeaders(exchange); return AuthenticationMechanismOutcome.AUTHENTICATED; }