Example 11 with SecurityContext

Use of io.undertow.security.api.SecurityContext in project undertow by undertow-io.

Class HttpServletRequestImpl, method authenticate.

@Override
public boolean authenticate(final HttpServletResponse response) throws IOException, ServletException {
    if (response.isCommitted()) {
        throw UndertowServletMessages.MESSAGES.responseAlreadyCommited();
    }
    SecurityContext sc = exchange.getSecurityContext();
    sc.setAuthenticationRequired();
    // wrappers, is this a problem?
    if (sc.authenticate()) {
        if (sc.isAuthenticated()) {
            return true;
        } else {
            throw UndertowServletMessages.MESSAGES.authenticationFailed();
        }
    } else {
        if (!exchange.isResponseStarted() && exchange.getStatusCode() == 200) {
            throw UndertowServletMessages.MESSAGES.authenticationFailed();
        } else {
            return false;
        }
    }
}
Also used : SecurityContext(io.undertow.security.api.SecurityContext)

Example 12 with SecurityContext

Use of io.undertow.security.api.SecurityContext in project undertow by undertow-io.

Class ServletSecurityRoleHandler, method handleRequest.

@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    ServletRequest request = servletRequestContext.getServletRequest();
    if (request.getDispatcherType() == DispatcherType.REQUEST) {
        List<SingleConstraintMatch> constraints = servletRequestContext.getRequiredConstrains();
        SecurityContext sc = exchange.getSecurityContext();
        if (!authorizationManager.canAccessResource(constraints, sc.getAuthenticatedAccount(), servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo(), servletRequestContext.getOriginalRequest(), servletRequestContext.getDeployment())) {
            HttpServletResponse response = (HttpServletResponse) servletRequestContext.getServletResponse();
            response.sendError(StatusCodes.FORBIDDEN);
            return;
        }
    }
    next.handleRequest(exchange);
}
Also used : ServletRequest(javax.servlet.ServletRequest) SingleConstraintMatch(io.undertow.servlet.api.SingleConstraintMatch) SecurityContext(io.undertow.security.api.SecurityContext) ServletRequestContext(io.undertow.servlet.handlers.ServletRequestContext) HttpServletResponse(javax.servlet.http.HttpServletResponse)

Example 13 with SecurityContext

Use of io.undertow.security.api.SecurityContext in project undertow by undertow-io.

Class AuthenticationMechanismsHandler, method handleRequest.

@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final SecurityContext sc = exchange.getSecurityContext();
    if (sc != null && sc instanceof AuthenticationMechanismContext) {
        AuthenticationMechanismContext amc = (AuthenticationMechanismContext) sc;
        for (int i = 0; i < authenticationMechanisms.length; ++i) {
            amc.addAuthenticationMechanism(authenticationMechanisms[i]);
        }
    }
    next.handleRequest(exchange);
}
Also used : SecurityContext(io.undertow.security.api.SecurityContext) AuthenticationMechanismContext(io.undertow.security.api.AuthenticationMechanismContext)

Example 14 with SecurityContext

Use of io.undertow.security.api.SecurityContext in project undertow by undertow-io.

Class CachedAuthenticatedSessionHandler, method handleRequest.

@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
    SecurityContext securityContext = exchange.getSecurityContext();
    securityContext.registerNotificationReceiver(NOTIFICATION_RECEIVER);
    SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
    SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
    if (sessionManager == null || sessionConfig == null) {
        next.handleRequest(exchange);
        return;
    }
    Session session = sessionManager.getSession(exchange, sessionConfig);
    // the AuthenticatedSessionManager.
    if (session != null) {
        exchange.putAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY, SESSION_MANAGER);
    }
    next.handleRequest(exchange);
}
Also used : SessionManager(io.undertow.server.session.SessionManager) AuthenticatedSessionManager(io.undertow.security.api.AuthenticatedSessionManager) SecurityContext(io.undertow.security.api.SecurityContext) SessionConfig(io.undertow.server.session.SessionConfig) Session(io.undertow.server.session.Session) AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession)

Example 15 with SecurityContext

Use of io.undertow.security.api.SecurityContext in project undertow by undertow-io.

Class NotificationReceiverHandler, method handleRequest.

@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
    SecurityContext sc = exchange.getSecurityContext();
    for (int i = 0; i < receivers.length; ++i) {
        sc.registerNotificationReceiver(receivers[i]);
    }
    next.handleRequest(exchange);
}
Also used : SecurityContext(io.undertow.security.api.SecurityContext)

Aggregations

SecurityContext (io.undertow.security.api.SecurityContext) 18
Account (io.undertow.security.idm.Account) 4
ServletRequestContext (io.undertow.servlet.handlers.ServletRequestContext) 4
HttpServerExchange (io.undertow.server.HttpServerExchange) 3
HttpSession (javax.servlet.http.HttpSession) 2
Undertow (io.undertow.Undertow) 1
AuthenticatedSessionManager (io.undertow.security.api.AuthenticatedSessionManager) 1
AuthenticatedSession (io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession) 1
AuthenticationMechanism (io.undertow.security.api.AuthenticationMechanism) 1
AuthenticationMechanismContext (io.undertow.security.api.AuthenticationMechanismContext) 1
IdentityManager (io.undertow.security.idm.IdentityManager) 1
ExchangeCompletionListener (io.undertow.server.ExchangeCompletionListener) 1
HttpHandler (io.undertow.server.HttpHandler) 1
Session (io.undertow.server.session.Session) 1
SessionConfig (io.undertow.server.session.SessionConfig) 1
SessionManager (io.undertow.server.session.SessionManager) 1
AuthorizationManager (io.undertow.servlet.api.AuthorizationManager) 1
Deployment (io.undertow.servlet.api.Deployment) 1
SingleConstraintMatch (io.undertow.servlet.api.SingleConstraintMatch) 1
ServletChain (io.undertow.servlet.handlers.ServletChain) 1