/** * Creates an authentication mechanism that needs access to the deployment IdentityManager and specified properties * * @param mechanismName The name under which this factory was registered * @param identityManager the IdentityManager instance asscociated with the deployment * @param formParserFactory Parser to create a form data parser for a given request. * @param properties The properties * @return The mechanism */ default AuthenticationMechanism create(String mechanismName, IdentityManager identityManager, FormParserFactory formParserFactory, final Map<String, String> properties) { return create(mechanismName, formParserFactory, properties); }
private void sendNoticiation(final SecurityNotification notification) { Node<NotificationReceiver> cur = notificationReceivers; while (cur != null) { cur.item.handleNotification(notification); cur = cur.next; } }
/** * @see io.undertow.security.handlers.AbstractSecurityContextAssociationHandler#createSecurityContext() */ @Override public SecurityContext createSecurityContext(final HttpServerExchange exchange) { return contextFactory.createSecurityContext(exchange, authenticationMode, identityManager, programaticMechName); }
public AuthenticationMechanismOutcome runCached(final HttpServerExchange exchange, final SecurityContext securityContext, final AuthenticatedSessionManager sessionManager) { AuthenticatedSession authSession = sessionManager.lookupSession(exchange); if (authSession != null) { Account account = getIdentityManager(securityContext).verify(authSession.getAccount()); if (account != null) { securityContext.authenticationComplete(account, authSession.getMechanism(), false); return AuthenticationMechanismOutcome.AUTHENTICATED; } else { sessionManager.clearSession(exchange); // We know we had a previously authenticated account but for some reason the IdentityManager is no longer // accepting it, we now return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } } else { // It is possible an AuthenticatedSessionManager could have been available even if there was no chance of it // loading a session. return AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }
@Override public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) { return new ChallengeResult(true); }
/** * * @return The account that was associated with the SSE request */ public Account getAccount() { SecurityContext sc = exchange.getSecurityContext(); if (sc != null) { return sc.getAuthenticatedAccount(); } return null; }
private boolean isCacheable(final SecurityNotification notification) { return notification.isProgramatic() || notification.isCachingRequired(); }
@Override public void handleNotification(SecurityNotification notification) { if (notification.getEventType() == SecurityNotification.EventType.LOGGED_OUT) { singleSignOnManager.removeSingleSignOn(sso); } } });
@Override public boolean resolve(HttpServerExchange value) { SecurityContext sc = value.getSecurityContext(); if(sc == null) { return false; } return sc.isAuthenticationRequired(); }
@Override public String readAttribute(HttpServerExchange exchange) { SecurityContext sc = exchange.getSecurityContext(); if(sc == null) { return null; } return sc.getMechanismName(); }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }
/** * <p>The authentication is mandatory if the servlet has http constraints (eg.: {@link * javax.servlet.annotation.HttpConstraint}).</p> * * @param attachment * @return */ private Boolean isMandatory(final ServletRequestContext attachment) { return attachment.getExchange().getSecurityContext() != null && attachment.getExchange().getSecurityContext().isAuthenticationRequired(); }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }
@SuppressWarnings("deprecation") private IdentityManager getIdentityManager(SecurityContext securityContext) { return identityManager != null ? identityManager : securityContext.getIdentityManager(); }