@Override public AuthenticationStatus notifyContainerAboutLogin(CredentialValidationResult result) { return getWrapped().notifyContainerAboutLogin(result); }
@Override public AuthenticationStatus notifyContainerAboutLogin(String username, Set<String> roles) { return getWrapped().notifyContainerAboutLogin(username, roles); }
@Override public AuthenticationStatus notifyContainerAboutLogin(Principal principal, Set<String> roles) { return getWrapped().notifyContainerAboutLogin(principal, roles); }
@Override public AuthenticationStatus notifyContainerAboutLogin(CredentialValidationResult result) { return getWrapped().notifyContainerAboutLogin(result); }
@Override public AuthenticationStatus notifyContainerAboutLogin(String username, Set<String> roles) { return getWrapped().notifyContainerAboutLogin(username, roles); }
@Override public AuthenticationStatus notifyContainerAboutLogin(CredentialValidationResult result) { return getWrapped().notifyContainerAboutLogin(result); }
@Override public AuthenticationStatus notifyContainerAboutLogin(Principal principal, Set<String> roles) { return getWrapped().notifyContainerAboutLogin(principal, roles); }
@Override public AuthenticationStatus notifyContainerAboutLogin(CredentialValidationResult result) { return getWrapped().notifyContainerAboutLogin(result); }
@Override public AuthenticationStatus notifyContainerAboutLogin(Principal principal, Set<String> roles) { return getWrapped().notifyContainerAboutLogin(principal, roles); }
@Override public AuthenticationStatus notifyContainerAboutLogin(Principal principal, Set<String> roles) { return getWrapped().notifyContainerAboutLogin(principal, roles); }
@Override public AuthenticationStatus notifyContainerAboutLogin(String username, Set<String> roles) { return getWrapped().notifyContainerAboutLogin(username, roles); }
@Override public AuthenticationStatus notifyContainerAboutLogin(String username, Set<String> roles) { return getWrapped().notifyContainerAboutLogin(username, roles); }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException { if (isValidFormPostback(request)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); return httpMessageContext.notifyContainerAboutLogin( identityStoreHandler.validate( new UsernamePasswordCredential( request.getParameter("j_username"), new Password(request.getParameter("j_password"))))); } return httpMessageContext.doNothing(); }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException { if (isValidFormPostback(request)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); return httpMessageContext.notifyContainerAboutLogin( identityStoreHandler.validate( new UsernamePasswordCredential( request.getParameter("j_username"), new Password(request.getParameter("j_password"))))); } return httpMessageContext.doNothing(); }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException { if (hasCredential(httpMessageContext)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); return httpMessageContext.notifyContainerAboutLogin( identityStoreHandler.validate( httpMessageContext.getAuthParameters() .getCredential())); } return httpMessageContext.doNothing(); }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException { if (hasCredential(httpMessageContext)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); return httpMessageContext.notifyContainerAboutLogin( identityStoreHandler.validate( httpMessageContext.getAuthParameters() .getCredential())); } return httpMessageContext.doNothing(); }
/** * Create the JWT using CredentialValidationResult received from * IdentityStoreHandler * * @param result the result from validation of UsernamePasswordCredential * @param context * @return the AuthenticationStatus to notify the container */ private AuthenticationStatus createToken(CredentialValidationResult result, HttpMessageContext context) { if (!isRememberMe(context)) { String jwt = tokenProvider.createToken(result.getCallerPrincipal().getName(), result.getCallerGroups(), false); context.getResponse().setHeader(AUTHORIZATION_HEADER, BEARER + jwt); } return context.notifyContainerAboutLogin(result.getCallerPrincipal(), result.getCallerGroups()); }
/** * To validate the JWT token e.g Signature check, JWT claims * check(expiration) etc * * @param token The JWT access tokens * @param context * @return the AuthenticationStatus to notify the container */ private AuthenticationStatus validateToken(String token, HttpMessageContext context) { try { if (tokenProvider.validateToken(token)) { JWTCredential credential = tokenProvider.getCredential(token); return context.notifyContainerAboutLogin(credential.getPrincipal(), credential.getAuthorities()); } // if token invalid, response with unauthorized status return context.responseUnauthorized(); } catch (ExpiredJwtException eje) { LOGGER.log(Level.INFO, "Security exception for user {0} - {1}", new String[]{eje.getClaims().getSubject(), eje.getMessage()}); return context.responseUnauthorized(); } }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMsgContext) throws AuthenticationException { String[] credentials = getCredentials(request); if (!isEmpty(credentials)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); CredentialValidationResult result = identityStoreHandler.validate( new UsernamePasswordCredential(credentials[0], new Password(credentials[1]))); if (result.getStatus() == VALID) { return httpMsgContext.notifyContainerAboutLogin( result.getCallerPrincipal(), result.getCallerGroups()); } } if (httpMsgContext.isProtected()) { response.setHeader("WWW-Authenticate", format("Basic realm=\"%s\"", basicAuthenticationMechanismDefinition.realmName())); return httpMsgContext.responseUnauthorized(); } return httpMsgContext.doNothing(); }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMsgContext) throws AuthenticationException { String[] credentials = getCredentials(request); if (!isEmpty(credentials)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); CredentialValidationResult result = identityStoreHandler.validate( new UsernamePasswordCredential(credentials[0], new Password(credentials[1]))); if (result.getStatus() == VALID) { return httpMsgContext.notifyContainerAboutLogin( result.getCallerPrincipal(), result.getCallerGroups()); } } if (httpMsgContext.isProtected()) { response.setHeader("WWW-Authenticate", format("Basic realm=\"%s\"", basicAuthenticationMechanismDefinition.realmName())); return httpMsgContext.responseUnauthorized(); } return httpMsgContext.doNothing(); }