use of io.undertow.security.idm.Account in project undertow by undertow-io.
the class AsyncWebSocketHttpServerExchange method isUserInRole.
@Override
public boolean isUserInRole(String role) {
SecurityContext sc = exchange.getSecurityContext();
if (sc == null) {
return false;
}
Account authenticatedAccount = sc.getAuthenticatedAccount();
if (authenticatedAccount == null) {
return false;
}
return authenticatedAccount.getRoles().contains(role);
}
use of io.undertow.security.idm.Account in project openremote by openremote.
the class SimpleKeycloakServletExtension method handleDeployment.
@Override
@SuppressWarnings("UseSpecificCatch")
public void handleDeployment(DeploymentInfo deploymentInfo, ServletContext servletContext) {
servletContext.setAttribute(AdapterDeploymentContext.class.getName(), deploymentContext);
UndertowUserSessionManagement userSessionManagement = new UndertowUserSessionManagement();
final NodesRegistrationManagement nodesRegistrationManagement = new NodesRegistrationManagement();
final ServletKeycloakAuthMech mech = createAuthenticationMechanism(deploymentInfo, deploymentContext, userSessionManagement, nodesRegistrationManagement);
UndertowAuthenticatedActionsHandler.Wrapper actions = new UndertowAuthenticatedActionsHandler.Wrapper(deploymentContext);
// setup handlers
deploymentInfo.addOuterHandlerChainWrapper(new ServletPreAuthActionsHandler.Wrapper(deploymentContext, userSessionManagement));
deploymentInfo.addAuthenticationMechanism(AUTH_MECHANISM, new AuthenticationMechanismFactory() {
@Override
public AuthenticationMechanism create(String s, IdentityManager identityManager, FormParserFactory formParserFactory, Map<String, String> stringStringMap) {
return mech;
}
});
// authentication
// handles authenticated actions and cors.
deploymentInfo.addInnerHandlerChainWrapper(actions);
deploymentInfo.setIdentityManager(new IdentityManager() {
@Override
public Account verify(Account account) {
return account;
}
@Override
public Account verify(String id, Credential credential) {
throw new IllegalStateException("Should never be called in Keycloak flow");
}
@Override
public Account verify(Credential credential) {
throw new IllegalStateException("Should never be called in Keycloak flow");
}
});
ServletSessionConfig cookieConfig = deploymentInfo.getServletSessionConfig();
if (cookieConfig == null) {
cookieConfig = new ServletSessionConfig();
}
if (cookieConfig.getPath() == null) {
log.debug("Setting jsession cookie path to: " + deploymentInfo.getContextPath());
cookieConfig.setPath(deploymentInfo.getContextPath());
deploymentInfo.setServletSessionConfig(cookieConfig);
}
ChangeSessionId.turnOffChangeSessionIdOnLogin(deploymentInfo);
deploymentInfo.addListener(new ListenerInfo(UndertowNodesRegistrationManagementWrapper.class, (InstanceFactory<UndertowNodesRegistrationManagementWrapper>) () -> {
UndertowNodesRegistrationManagementWrapper listener = new UndertowNodesRegistrationManagementWrapper(nodesRegistrationManagement);
return new ImmediateInstanceHandle<>(listener);
}));
}
use of io.undertow.security.idm.Account in project openremote by openremote.
the class BasicIdentityProvider method secureDeployment.
@Override
public void secureDeployment(DeploymentInfo deploymentInfo) {
LoginConfig loginConfig = new LoginConfig("OpenRemote");
// Make it silent to prevent 401 WWW-Authenticate modal dialog
deploymentInfo.addAuthenticationMechanism("BASIC-FIX", BasicFixAuthenticationMechanism.FACTORY);
loginConfig.addFirstAuthMethod(new AuthMethodConfig("BASIC-FIX", Collections.singletonMap("silent", "true")));
deploymentInfo.setLoginConfig(loginConfig);
deploymentInfo.setIdentityManager(new IdentityManager() {
@Override
public Account verify(Account account) {
return null;
}
@Override
public Account verify(String id, Credential credential) {
if (credential instanceof PasswordCredential) {
PasswordCredential passwordCredential = (PasswordCredential) credential;
return verifyAccount(id, passwordCredential.getPassword());
} else {
LOG.fine("Verification of '" + id + "' failed, no password credentials found, but: " + credential);
return null;
}
}
@Override
public Account verify(Credential credential) {
return null;
}
});
}
Aggregations