
Example 6 with SecurityInitialHandler

use of io.undertow.security.handlers.SecurityInitialHandler in project droolsjbpm-integration by kiegroup.

the class KieServerRouter method start.

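/**
 * Configures and starts the router's Undertow server.
 *
 * <p>Publishes the host and ports as system properties, creates the {@code ConfigurationManager},
 * registers the given listeners, optionally starts the configuration file watcher, registers the
 * configured container hosts with the proxy client, builds the path routing table, starts the HTTP
 * and/or HTTPS listeners and finally connects to the controller.
 *
 * <p>Security-relevant behaviour visible here: the same handler tree is served on both the plain
 * HTTP and the TLS listener, and {@code /mgmt} is protected by HTTP Basic authentication only when
 * {@code environment().isManagementSecured()} is true.
 *
 * @param host interface the listeners bind to
 * @param port plain HTTP port (per the error message below, 0 or lower disables the HTTP listener)
 * @param portTls HTTPS port, used only when TLS is enabled in the environment
 * @param listeners configuration listeners to register before the server starts
 * @throws IllegalStateException when neither the HTTP nor the TLS listener is enabled
 */
public void start(String host, Integer port, Integer portTls, ConfigurationListener... listeners) {
    System.setProperty(ROUTER_HOST, host);
    System.setProperty(ROUTER_PORT, port.toString());
    System.setProperty(ROUTER_PORT_TLS, portTls.toString());
    boolean isHttpEnabled = environment().isHttpEnabled();
    boolean isTlsEnabled = environment().isTlsEnabled();
    // Fail fast: reject a configuration without any listener before the configuration manager,
    // the file watcher and the handler tree are created, so a bad setup leaves nothing running.
    if (!isHttpEnabled && !isTlsEnabled) {
        throw new IllegalStateException("HTTP listener was disabled (by setting HTTP port to 0 or lower ) and TLS wasn't configured, no listener is available to handle requests");
    }
    configurationManager = new ConfigurationManager(environment(), repository, executorService);
    Configuration configuration = configurationManager.getConfiguration();
    for (ConfigurationListener listener : listeners) {
        configurationManager.getConfiguration().addListener(listener);
    }
    // setup config file watcher to be updated when changes are discovered
    if (environment().isConfigFileWatcherEnabled()) {
        configurationManager.startWatcher();
    }
    AdminHttpHandler adminHandler = new AdminHttpHandler(configurationManager);
    final KieServerProxyClient proxyClient = new KieServerProxyClient(configurationManager);
    Map<String, List<String>> perContainer = configuration.getHostsPerContainer();
    for (Map.Entry<String, List<String>> entry : perContainer.entrySet()) {
        // LinkedHashSet drops duplicate URLs while keeping the configured order.
        Set<String> uniqueUrls = new LinkedHashSet<>(entry.getValue());
        uniqueUrls.forEach(url -> {
            proxyClient.addContainer(entry.getKey(), URI.create(url));
        });
    }
    HttpHandler notFoundHandler = ResponseCodeHandler.HANDLE_404;
    // NOTE(review): setMaxRequestTime(-1) appears to disable the proxy's per-request time limit;
    // confirm that a stalled backend cannot hold router connections open indefinitely.
    // setReuseXForwarded(false) presumably stops client-supplied X-Forwarded-* values from being
    // carried over to the backend - verify against the Undertow version in use.
    ProxyHandler proxyHandler = ProxyHandler.builder()
            .setProxyClient(proxyClient)
            .setMaxRequestTime(-1)
            .setRewriteHostHeader(true)
            .setReuseXForwarded(false)
            .setNext(new OptionsHttpHandler(notFoundHandler, configurationManager))
            .build();
    // Anything not matched by a path below falls through to the proxy handler.
    PathHandler pathHandler = Handlers.path(proxyHandler);
    pathHandler.addPrefixPath("/queries/definitions", new QueriesDataHttpHandler(notFoundHandler, configurationManager));
    pathHandler.addPrefixPath("/queries", new QueriesHttpHandler(notFoundHandler, configurationManager));
    pathHandler.addPrefixPath("/jobs", new JobsHttpHandler(proxyHandler, configurationManager));
    pathHandler.addPrefixPath("/documents", new DocumentsHttpHandler(notFoundHandler, configurationManager));
    pathHandler.addExactPath("/containers", new ContainersHttpHandler(notFoundHandler, configurationManager));
    if (environment().isManagementSecured()) {
        // Undertow security chain, built inside-out: call handler -> constraint -> mechanisms ->
        // SecurityInitialHandler (outermost, sets up the security context for the request).
        IdentityManager idm = getIdentityService();
        HttpHandler authenticationCallHandler = new AuthenticationCallHandler(adminHandler);
        HttpHandler authenticationConstraintHandler = new AuthenticationConstraintHandler(authenticationCallHandler);
        // HTTP Basic sends the credentials base64-encoded on every request. This handler tree is
        // also served on the plain HTTP listener when it is enabled, so /mgmt credentials are
        // readable on the wire there; reach /mgmt through the TLS listener only.
        List<AuthenticationMechanism> mechanisms = Collections.singletonList(new BasicAuthenticationMechanism("KieServerRouterRealm"));
        AuthenticationMechanismsHandler authenticationMechanismsHandler = new AuthenticationMechanismsHandler(authenticationConstraintHandler, mechanisms);
        SecurityInitialHandler securityInitialHandler = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, idm, authenticationMechanismsHandler);
        pathHandler.addPrefixPath("/mgmt", securityInitialHandler);
    } else {
        // NOTE(review): with management security off, /mgmt is served by adminHandler without
        // any authentication to every client that can reach a listener; this mode depends
        // entirely on network-level access control.
        pathHandler.addPrefixPath("/mgmt", adminHandler);
    }
    pathHandler.addExactPath("/", new KieServerInfoHandler(environment()));
    HttpHandler blockingHandler = new BlockingHandler(pathHandler);
    // main server configuration
    Undertow.Builder undertowBuilder = Undertow.builder();
    if (isHttpEnabled) {
        undertowBuilder.addHttpListener(port, host);
    }
    if (isTlsEnabled) {
        // The keystore password comes from the environment; keep it out of log output.
        SSLContext sslContext = SSLContextBuilder.builder()
                .setKeyStorePath(environment().getKeystorePath())
                .setKeyStorePassword(environment().getKeystorePassword())
                .setKeyAlias(environment().getKeystoreKey())
                .build();
        undertowBuilder = undertowBuilder.addHttpsListener(portTls, host, sslContext);
    }
    server = undertowBuilder.setHandler(blockingHandler).build();
    server.start();
    if (log.isInfoEnabled()) {
        logServerInfo("KieServerRouter started on: ", host, port, portTls);
    }
    connectToController(configurationManager);
}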
Also used : LinkedHashSet(java.util.LinkedHashSet) AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler) IdentityManager(io.undertow.security.idm.IdentityManager) QueriesDataHttpHandler(org.kie.server.router.handlers.QueriesDataHttpHandler) KieServerProxyClient(org.kie.server.router.proxy.KieServerProxyClient) PathHandler(io.undertow.server.handlers.PathHandler) AdminHttpHandler(org.kie.server.router.handlers.AdminHttpHandler) OptionsHttpHandler(org.kie.server.router.handlers.OptionsHttpHandler) SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler) BlockingHandler(io.undertow.server.handlers.BlockingHandler) ContainersHttpHandler(org.kie.server.router.handlers.ContainersHttpHandler) AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler) DocumentsHttpHandler(org.kie.server.router.handlers.DocumentsHttpHandler) List(java.util.List) ArrayList(java.util.ArrayList) QueriesHttpHandler(org.kie.server.router.handlers.QueriesHttpHandler) JobsHttpHandler(org.kie.server.router.handlers.JobsHttpHandler) OptionsHttpHandler(org.kie.server.router.handlers.OptionsHttpHandler) ContainersHttpHandler(org.kie.server.router.handlers.ContainersHttpHandler) QueriesDataHttpHandler(org.kie.server.router.handlers.QueriesDataHttpHandler) AdminHttpHandler(org.kie.server.router.handlers.AdminHttpHandler) QueriesHttpHandler(org.kie.server.router.handlers.QueriesHttpHandler) DocumentsHttpHandler(org.kie.server.router.handlers.DocumentsHttpHandler) HttpHandler(io.undertow.server.HttpHandler) ProxyHandler(io.undertow.server.handlers.proxy.ProxyHandler) BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism) AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism) SSLContext(javax.net.ssl.SSLContext) AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler) 
KieServerInfoHandler(org.kie.server.router.handlers.KieServerInfoHandler) JobsHttpHandler(org.kie.server.router.handlers.JobsHttpHandler) Map(java.util.Map) BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism) Undertow(io.undertow.Undertow)

Example 7 with SecurityInitialHandler

use of io.undertow.security.handlers.SecurityInitialHandler in project hermes by allegro.

the class HandlersChainFactory method createAuthenticationHandlersChain.

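/**
 * Wraps {@code next} in Undertow's authentication handler chain.
 *
 * <p>The chain is built inside-out: {@code AuthenticationCallHandler} around {@code next}, then the
 * predicate-aware constraint handler, then the mechanisms handler, and finally
 * {@code SecurityInitialHandler} as the outermost handler.
 *
 * @param next handler to invoke once the security handlers have run
 * @param authConfig supplies the "is authentication required" predicate, the authentication
 *                   mechanisms and the identity manager
 * @return the outermost handler of the chain
 * @throws IllegalArgumentException if the configured authentication mode does not name an
 *                                  {@code AuthenticationMode} constant
 */
private HttpHandler createAuthenticationHandlersChain(HttpHandler next, AuthenticationConfiguration authConfig) {
    HttpHandler authenticationCallHandler = new AuthenticationCallHandler(next);
    // Whether a request must be authenticated is decided by the predicate from authConfig, so the
    // predicate is the place to audit when checking which requests can pass unauthenticated.
    HttpHandler constraintHandler = new AuthenticationPredicateAwareConstraintHandler(authenticationCallHandler, authConfig.getIsAuthenticationRequiredPredicate());
    HttpHandler mechanismsHandler = new AuthenticationMechanismsHandler(constraintHandler, authConfig.getAuthMechanisms());
    String configuredMode = configFactory.getStringProperty(Configs.FRONTEND_AUTHENTICATION_MODE);
    // Locale.ROOT: upper-casing with the default locale is locale-sensitive (a Turkish locale maps
    // 'i' to dotted 'İ'), which would make valueOf reject an otherwise valid mode name and fail
    // the security setup depending on the host's locale.
    AuthenticationMode authenticationMode = AuthenticationMode.valueOf(configuredMode.toUpperCase(java.util.Locale.ROOT));
    return new SecurityInitialHandler(authenticationMode, authConfig.getIdentityManager(), mechanismsHandler);
}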
Also used : HttpHandler(io.undertow.server.HttpHandler) AuthenticationMode(io.undertow.security.api.AuthenticationMode) SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler) AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler) AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler) AuthenticationPredicateAwareConstraintHandler(pl.allegro.tech.hermes.frontend.server.auth.AuthenticationPredicateAwareConstraintHandler)

Example 8 with SecurityInitialHandler

use of io.undertow.security.handlers.SecurityInitialHandler in project light-oauth2 by networknt.

the class PathHandlerProvider method addFormSecurity.

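/**
 * Wraps {@code toWrap} with session-backed form authentication.
 *
 * <p>The chain is built inside-out: call handler, constraint handler, mechanisms handler
 * (cached session first, then form login), {@code SecurityInitialHandler}, and outermost a
 * {@code SessionAttachmentHandler} so the session is attached before the security handlers run.
 *
 * @param toWrap handler to protect
 * @param identityManager verifies the submitted credentials
 * @return the outermost handler of the chain
 */
private static HttpHandler addFormSecurity(final HttpHandler toWrap, final IdentityManager identityManager) {
    HttpHandler handler = toWrap;
    handler = new AuthenticationCallHandler(handler);
    handler = new AuthenticationConstraintHandler(handler);
    final List<AuthenticationMechanism> mechanisms = new ArrayList<>();
    // Order matters: an already authenticated session is tried before the form login.
    mechanisms.add(new CachedAuthenticatedSessionMechanism());
    // Arguments are presumably mechanism name, login page, error page and post location - confirm.
    mechanisms.add(new FormAuthenticationMechanism("oauth2", "/login", "/error", "/oauth2/authorize"));
    handler = new AuthenticationMechanismsHandler(handler, mechanisms);
    handler = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, identityManager, handler);
    // The session cookie carries the authenticated session, so mark it HttpOnly to keep it away
    // from page scripts. The Secure flag is left unset because this method cannot tell whether
    // the listener is TLS-only; NOTE(review): set it where the server is only reachable over HTTPS.
    // NOTE(review): a new InMemorySessionManager is created on every call, so each wrapped handler
    // gets its own session store - confirm that is intended.
    final SessionCookieConfig sessionCookieConfig = new SessionCookieConfig().setHttpOnly(true);
    handler = new SessionAttachmentHandler(handler, new InMemorySessionManager("oauth2"), sessionCookieConfig);
    return handler;
}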
Also used : HttpHandler(io.undertow.server.HttpHandler) AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler) CachedAuthenticatedSessionMechanism(io.undertow.security.impl.CachedAuthenticatedSessionMechanism) FormAuthenticationMechanism(io.undertow.security.impl.FormAuthenticationMechanism) BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism) AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism) FormAuthenticationMechanism(io.undertow.security.impl.FormAuthenticationMechanism) ArrayList(java.util.ArrayList) SessionAttachmentHandler(io.undertow.server.session.SessionAttachmentHandler) SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler) AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler) AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler) SessionCookieConfig(io.undertow.server.session.SessionCookieConfig) InMemorySessionManager(io.undertow.server.session.InMemorySessionManager)

Example 9 with SecurityInitialHandler

use of io.undertow.security.handlers.SecurityInitialHandler in project light-oauth2 by networknt.

the class PathHandlerProvider method addBasicSecurity.

/**
 * Wraps {@code toWrap} with HTTP Basic authentication for the "oauth2" realm.
 *
 * <p>The chain is built inside-out: call handler, constraint handler, mechanisms handler and,
 * outermost, {@code SecurityInitialHandler} in {@code PRO_ACTIVE} mode.
 *
 * <p>Basic authentication sends the credentials base64-encoded with every request, so the
 * protection of those credentials in transit depends on the listener using TLS.
 *
 * @param toWrap handler to protect
 * @param identityManager verifies the supplied credentials
 * @return the outermost handler of the chain
 */
private static HttpHandler addBasicSecurity(final HttpHandler toWrap, final IdentityManager identityManager) {
    final HttpHandler callHandler = new AuthenticationCallHandler(toWrap);
    final HttpHandler constraintHandler = new AuthenticationConstraintHandler(callHandler);
    // Basic is the only mechanism offered on this chain.
    final AuthenticationMechanism basicMechanism = new BasicAuthenticationMechanism("oauth2");
    final HttpHandler mechanismsHandler =
            new AuthenticationMechanismsHandler(constraintHandler, Collections.singletonList(basicMechanism));
    return new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, identityManager, mechanismsHandler);
}
Also used : HttpHandler(io.undertow.server.HttpHandler) AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler) SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler) AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler) BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism) AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism) FormAuthenticationMechanism(io.undertow.security.impl.FormAuthenticationMechanism) AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler) BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism)

Example 10 with SecurityInitialHandler

use of io.undertow.security.handlers.SecurityInitialHandler in project mangooio by svenkubiak.

the class RequestUtils method wrapBasicAuthentication.

/**
 * Wraps a handler in an HTTP Basic authentication chain backed by a single
 * username/password pair.
 *
 * <p>The chain is built inside-out: call handler, constraint handler, mechanisms handler
 * (Basic only) and, outermost, {@code SecurityInitialHandler} in {@code PRO_ACTIVE} mode with
 * an {@code Identity} created from the given credentials.
 *
 * <p>Basic authentication sends the credentials base64-encoded with every request, so they
 * are only protected in transit when the handler is served over TLS.
 *
 * @param httpHandler The handler to protect, must not be null
 * @param username The username to accept, must not be null
 * @param password The password to accept, must not be null
 * @return The outermost handler of the Basic authentication chain
 */
public static HttpHandler wrapBasicAuthentication(HttpHandler httpHandler, String username, String password) {
    Objects.requireNonNull(httpHandler, Required.HTTP_HANDLER.toString());
    Objects.requireNonNull(username, Required.USERNAME.toString());
    Objects.requireNonNull(password, Required.PASSWORD.toString());

    final HttpHandler callHandler = new AuthenticationCallHandler(httpHandler);
    final HttpHandler constraintHandler = new AuthenticationConstraintHandler(callHandler);
    final BasicAuthenticationMechanism basicMechanism = new BasicAuthenticationMechanism("Authentication required");
    final HttpHandler mechanismsHandler =
            new AuthenticationMechanismsHandler(constraintHandler, Collections.singletonList(basicMechanism));
    // The Identity built from the two credentials is what the chain checks requests against.
    final Identity identity = new Identity(username, password);
    return new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, identity, mechanismsHandler);
}
Also used : HttpHandler(io.undertow.server.HttpHandler) AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler) SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler) AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler) AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler) Identity(io.mangoo.models.Identity) BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism)

Aggregations

AuthenticationMechanismsHandler (io.undertow.security.handlers.AuthenticationMechanismsHandler)22 SecurityInitialHandler (io.undertow.security.handlers.SecurityInitialHandler)22 HttpHandler (io.undertow.server.HttpHandler)22 AuthenticationCallHandler (io.undertow.security.handlers.AuthenticationCallHandler)21 AuthenticationMechanism (io.undertow.security.api.AuthenticationMechanism)20 AuthenticationConstraintHandler (io.undertow.security.handlers.AuthenticationConstraintHandler)20 BasicAuthenticationMechanism (io.undertow.security.impl.BasicAuthenticationMechanism)14 ArrayList (java.util.ArrayList)9 CachedAuthenticatedSessionMechanism (io.undertow.security.impl.CachedAuthenticatedSessionMechanism)6 FormAuthenticationMechanism (io.undertow.security.impl.FormAuthenticationMechanism)5 LightBasicAuthenticationMechanism (com.networknt.oauth.security.LightBasicAuthenticationMechanism)4 LightGSSAPIAuthenticationMechanism (com.networknt.oauth.security.LightGSSAPIAuthenticationMechanism)4 DigestAuthenticationMechanism (io.undertow.security.impl.DigestAuthenticationMechanism)4 InMemorySessionManager (io.undertow.server.session.InMemorySessionManager)4 SessionAttachmentHandler (io.undertow.server.session.SessionAttachmentHandler)4 SessionCookieConfig (io.undertow.server.session.SessionCookieConfig)4 AuthenticationMode (io.undertow.security.api.AuthenticationMode)3 NotificationReceiver (io.undertow.security.api.NotificationReceiver)3 NotificationReceiverHandler (io.undertow.security.handlers.NotificationReceiverHandler)3 IdentityManager (io.undertow.security.idm.IdentityManager)3