@Override public void handle(Request req, Response rsp) { WebContext context = req.require(WebContext.class); pac4j.getCallbackLogic() .perform(context, pac4j, pac4j.getHttpActionAdapter(), defaultUrl, multiProfile, renewSession); } }
@Override public void handle(Request req, Response rsp) { WebContext context = req.require(WebContext.class); String redirectTo = req.<String>ifGet("pac4j.logout.redirectTo").orElse(defaultUrl); conf.getLogoutLogic() .perform(context, conf, conf.getHttpActionAdapter(), redirectTo, logoutUrlPattern, localLogout, destroySession, centralLogout); } }
@Override public void handle(Request req, Response rsp, Route.Chain chain) throws Throwable { try { WebContext context = req.require(WebContext.class); /** 1: don't save authentication urls: */ String existingRequestedUrl = (String) context .getSessionAttribute(Pac4jConstants.REQUESTED_URL); boolean resetRequestedUrl = excludes.stream() .filter(it -> !it.endsWith("/**") && req.matches(it)) .findFirst() .isPresent(); conf.getSecurityLogic() .perform(context, conf, new Pac4jGrantAccessAdapter(req, rsp, chain), conf.getHttpActionAdapter(), clients, authorizers, matchers, multiProfile); /** 2: don't save authentication urls: */ if (resetRequestedUrl && req.ifSession().isPresent()) { // log.info("ignoring {} by {}", ctx.g, existingRequestedUrl); context.setSessionAttribute(Pac4jConstants.REQUESTED_URL, existingRequestedUrl); } } catch (TechnicalException x) { Throwable cause = x.getCause(); if (!(cause instanceof Err)) { // Pac4j wrap everything as TechnicalException, it makes stacktrace ugly, so we rethrow // Err cause = x; } throw cause; } // } }
callbackLogic = new DefaultCallbackLogic(); pac4j.setCallbackLogic(callbackLogic); SecurityLogic securityLogic = pac4j.getSecurityLogic(); if (securityLogic == null) { securityLogic = new DefaultSecurityLogic(); pac4j.setSecurityLogic(securityLogic); logoutLogic = new DefaultLogoutLogic<>(); pac4j.setLogoutLogic(logoutLogic);
public LogoutFilter() { logoutLogic = new DefaultLogoutLogic<>(); ((DefaultLogoutLogic<Object, J2EContext>) logoutLogic).setProfileManagerFactory(ShiroProfileManager::new); }
protected SecurityHandler(final HttpHandler toWrap, final Config config, final String clients, final String authorizers, final String matchers, final Boolean multiProfile) { securityLogic = new DefaultSecurityLogic<>(); ((DefaultSecurityLogic<Object, UndertowWebContext>) securityLogic).setProfileManagerFactory(UndertowProfileManager::new); this.toWrap = toWrap; this.config = config; this.clients = clients; this.authorizers = authorizers; this.matchers = matchers; this.multiProfile = multiProfile; }
protected CallbackHandler(final Config config, final String defaultUrl, final Boolean multiProfile) { callbackLogic = new DefaultCallbackLogic<>(); ((DefaultCallbackLogic<Object, UndertowWebContext>) callbackLogic).setProfileManagerFactory(UndertowProfileManager::new); this.config = config; this.defaultUrl = defaultUrl; this.multiProfile = multiProfile; }
public CasSecurityInterceptor(final Config config, final String clients, final String authorizers) { super(config, clients, authorizers); val secLogic = new DefaultSecurityLogic() { @Override protected HttpAction unauthorized(final WebContext context, final List currentClients) { return HttpAction.forbidden(context); } }; secLogic.setProfileStorageDecision(new AlwaysUseSessionProfileStorageDecision()); setSecurityLogic(secLogic); }
@Override @SuppressWarnings("unchecked") public void handle(RouteContext routeContext) { Objects.requireNonNull(callbackLogic); Objects.requireNonNull(config); PippoWebContext webContext = new PippoWebContext(routeContext, config.getSessionStore()); callbackLogic.perform(webContext, config, config.getHttpActionAdapter(), defaultUrl, multiProfile, renewSession); }
@Override @SuppressWarnings("unchecked") public void handle(RouteContext routeContext) { Objects.requireNonNull(logoutLogic); Objects.requireNonNull(config); PippoWebContext webContext = new PippoWebContext(routeContext, config.getSessionStore()); logoutLogic.perform(webContext, config, config.getHttpActionAdapter(), defaultUrl, logoutUrlPattern, localLogout, destroySession, centralLogout); }
public LogoutFilter() { logoutLogic = new DefaultLogoutLogic<>(); ((DefaultLogoutLogic<Object, J2EContext>) logoutLogic).setProfileManagerFactory(SpringSecurityProfileManager::new); }
public SecurityFilter() { securityLogic = new DefaultSecurityLogic<>(); ((DefaultSecurityLogic<Object, J2EContext>) securityLogic).setProfileManagerFactory(SpringSecurityProfileManager::new); }
@Override @SuppressWarnings("unchecked") public void handle(RouteContext routeContext) { Objects.requireNonNull(securityLogic); Objects.requireNonNull(config); PippoWebContext webContext = new PippoWebContext(routeContext, config.getSessionStore()); try { securityLogic.perform(webContext, config, (ctx, parameters) -> { throw new SecurityGrantedAccessException(); }, config.getHttpActionAdapter(), clients, authorizers, matchers, multiProfile); // stop the processing if no success granted access exception has been raised log.debug("Halt the request processing"); } catch (SecurityGrantedAccessException e) { // ignore this exception, it means the access is granted: continue log.debug("Received SecurityGrantedAccessException -> continue"); routeContext.next(); } }
public CallbackFilter() { callbackLogic = new DefaultCallbackLogic<>(); setSuffix(DEFAULT_CALLBACK_SUFFIX); ((DefaultCallbackLogic<Object, J2EContext>) callbackLogic).setProfileManagerFactory(SpringSecurityProfileManager::new); }
@Override protected void filter(JaxRsContext context) throws IOException { Config config = getConfig(); buildLogic(config).perform(context, config, adapter(config), context.getAbsolutePath(defaultUrl, false), saveInSession, multiProfile, renewSession, defaultClient); }
@Override protected void filter(JaxRsContext context) throws IOException { Config config = getConfig(); buildLogic(config).perform(context, config, adapter(config), context.getAbsolutePath(defaultUrl, false), context.getAbsolutePath(logoutUrlPattern, false), localLogout, destroySession, centralLogout); }
public LogoutHandler() { logoutLogic = new DefaultLogoutLogic<>(); ((DefaultLogoutLogic<Object, UndertowWebContext>) logoutLogic).setProfileManagerFactory(UndertowProfileManager::new); }
protected SecurityLogic<Object, JaxRsContext> buildLogic(Config config) { if (securityLogic != null) { return securityLogic; } else if (config.getSecurityLogic() != null) { return config.getSecurityLogic(); } else { DefaultSecurityLogic<Object, JaxRsContext> logic = new DefaultSecurityLogic<>(); logic.setProfileManagerFactory(JaxRsProfileManager::new); return logic; } }
protected CallbackLogic<Object, JaxRsContext> buildLogic(Config config) { if (callbackLogic != null) { return callbackLogic; } else if (config.getCallbackLogic() != null) { return config.getCallbackLogic(); } else { DefaultCallbackLogic<Object, JaxRsContext> logic = new DefaultCallbackLogic<>(); logic.setProfileManagerFactory(JaxRsProfileManager::new); return logic; } }
protected LogoutLogic<Object, JaxRsContext> buildLogic(Config config) { if (logoutLogic != null) { return logoutLogic; } else if (config.getLogoutLogic() != null) { return config.getLogoutLogic(); } else { DefaultLogoutLogic<Object, JaxRsContext> logic = new DefaultLogoutLogic<>(); logic.setProfileManagerFactory(JaxRsProfileManager::new); return logic; } }