Search in sources :

Example 1 with Credential

use of io.undertow.security.idm.Credential in project undertow by undertow-io.

the class ClientCertAuthenticationMechanism method authenticate.

public AuthenticationMechanismOutcome authenticate(final HttpServerExchange exchange, final SecurityContext securityContext) {
    SSLSessionInfo sslSession = exchange.getConnection().getSslSessionInfo();
    if (sslSession != null) {
        try {
            Certificate[] clientCerts = getPeerCertificates(exchange, sslSession, securityContext);
            if (clientCerts[0] instanceof X509Certificate) {
                Credential credential = new X509CertificateCredential((X509Certificate) clientCerts[0]);
                IdentityManager idm = getIdentityManager(securityContext);
                Account account = idm.verify(credential);
                if (account != null) {
                    securityContext.authenticationComplete(account, name, false);
                    return AuthenticationMechanismOutcome.AUTHENTICATED;
                }
            }
        } catch (SSLPeerUnverifiedException e) {
        // No action - this mechanism can not attempt authentication without peer certificates so allow it to drop out
        // to NOT_ATTEMPTED.
        }
    }
    return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
Also used : Account(io.undertow.security.idm.Account) Credential(io.undertow.security.idm.Credential) X509CertificateCredential(io.undertow.security.idm.X509CertificateCredential) IdentityManager(io.undertow.security.idm.IdentityManager) SSLSessionInfo(io.undertow.server.SSLSessionInfo) X509CertificateCredential(io.undertow.security.idm.X509CertificateCredential) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Aggregations

Account (io.undertow.security.idm.Account)1 Credential (io.undertow.security.idm.Credential)1 IdentityManager (io.undertow.security.idm.IdentityManager)1 X509CertificateCredential (io.undertow.security.idm.X509CertificateCredential)1 SSLSessionInfo (io.undertow.server.SSLSessionInfo)1 Certificate (java.security.cert.Certificate)1 X509Certificate (java.security.cert.X509Certificate)1 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)1