Example 1 with DigestAuthenticationMechanism
use of io.undertow.security.impl.DigestAuthenticationMechanism in project cxf by apache.
the class UndertowDigestAuthHandler method buildSecurityHandler.
private void buildSecurityHandler() {
HttpHandler handler = this.next;
handler = new AuthenticationCallHandler(handler);
handler = new AuthenticationConstraintHandler(handler);
final List<AuthenticationMechanism> mechanisms = Collections.<AuthenticationMechanism>singletonList(new DigestAuthenticationMechanism("WSRealm", "WSDomain", "DIGEST", this.identityManager));
handler = new AuthenticationMechanismsHandler(handler, mechanisms);
this.securityHandler = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, identityManager, handler);
}
Also used :
CXFUndertowHttpHandler(org.apache.cxf.transport.http_undertow.CXFUndertowHttpHandler)
HttpHandler(io.undertow.server.HttpHandler)
AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler)
AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism)
AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler)
Example 2 with DigestAuthenticationMechanism
use of io.undertow.security.impl.DigestAuthenticationMechanism in project wildfly-swarm by wildfly-swarm.
the class SecureHttpContexts method secureHandler.
/**
* Wraps the target handler and makes it inheritSecurity.
* Includes a predicate for relevant web contexts.
*/
private HttpHandler secureHandler(final HttpHandler toWrap, SecurityRealm securityRealm) {
HttpHandler handler = toWrap;
handler = new AuthenticationCallHandler(handler);
handler = new AuthenticationConstraintHandler(handler);
RealmIdentityManager idm = new RealmIdentityManager(securityRealm);
Set<AuthMechanism> mechanisms = securityRealm.getSupportedAuthenticationMechanisms();
List<AuthenticationMechanism> undertowMechanisms = new ArrayList<AuthenticationMechanism>(mechanisms.size());
undertowMechanisms.add(wrap(new CachedAuthenticatedSessionMechanism(), null));
for (AuthMechanism current : mechanisms) {
switch(current) {
case DIGEST:
List<DigestAlgorithm> digestAlgorithms = Collections.singletonList(DigestAlgorithm.MD5);
List<DigestQop> digestQops = Collections.singletonList(DigestQop.AUTH);
undertowMechanisms.add(wrap(new DigestAuthenticationMechanism(digestAlgorithms, digestQops, securityRealm.getName(), "Monitor", new SimpleNonceManager()), current));
break;
case PLAIN:
undertowMechanisms.add(wrap(new BasicAuthenticationMechanism(securityRealm.getName()), current));
break;
case LOCAL:
break;
default:
}
}
handler = new AuthenticationMechanismsHandler(handler, undertowMechanisms);
handler = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, idm, handler);
// the predicate handler takes care that all of the above
// will only be enacted on relevant web contexts
handler = new PredicateHandler(exchange -> {
if (!monitor.getSecurityRealm().isPresent()) {
return false;
}
if (Queries.isAggregatorEndpoint(monitor, exchange.getRelativePath())) {
return true;
}
if (Queries.isDirectAccessToHealthEndpoint(monitor, exchange.getRelativePath())) {
if (!hasTokenAuth(exchange)) {
return true;
}
return false;
}
if (HttpContexts.getDefaultContextNames().contains(exchange.getRelativePath())) {
return true;
}
return false;
}, handler, toWrap);
return handler;
}
Also used :
DigestQop(io.undertow.security.impl.DigestQop)
BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism)
HttpServerExchange(io.undertow.server.HttpServerExchange)
NamingException(javax.naming.NamingException)
SecurityRealm(org.jboss.as.domain.management.SecurityRealm)
SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler)
ArrayList(java.util.ArrayList)
AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler)
DigestAlgorithm(io.undertow.security.idm.DigestAlgorithm)
AuthenticationMechanismWrapper(org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper)
PredicateHandler(io.undertow.server.handlers.PredicateHandler)
CachedAuthenticatedSessionMechanism(io.undertow.security.impl.CachedAuthenticatedSessionMechanism)
DigestQop(io.undertow.security.impl.DigestQop)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
Monitor(org.wildfly.swarm.microprofile.health.api.Monitor)
Vetoed(javax.enterprise.inject.Vetoed)
AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler)
Set(java.util.Set)
AuthenticationMode(io.undertow.security.api.AuthenticationMode)
AuthMechanism(org.jboss.as.domain.management.AuthMechanism)
HttpHandler(io.undertow.server.HttpHandler)
List(java.util.List)
SimpleNonceManager(io.undertow.security.impl.SimpleNonceManager)
AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism)
RealmIdentityManager(org.jboss.as.domain.http.server.security.RealmIdentityManager)
AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler)
Optional(java.util.Optional)
Collections(java.util.Collections)
HttpHandler(io.undertow.server.HttpHandler)
AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
CachedAuthenticatedSessionMechanism(io.undertow.security.impl.CachedAuthenticatedSessionMechanism)
BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism)
RealmIdentityManager(org.jboss.as.domain.http.server.security.RealmIdentityManager)
ArrayList(java.util.ArrayList)
PredicateHandler(io.undertow.server.handlers.PredicateHandler)
SimpleNonceManager(io.undertow.security.impl.SimpleNonceManager)
AuthMechanism(org.jboss.as.domain.management.AuthMechanism)
SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler)
AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler)
AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler)
BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism)
DigestAlgorithm(io.undertow.security.idm.DigestAlgorithm)
Example 3 with DigestAuthenticationMechanism
use of io.undertow.security.impl.DigestAuthenticationMechanism in project wildfly-swarm by wildfly-swarm.
the class SecureHttpContexts method secureHandler.
/**
* Wraps the target handler and makes it inheritSecurity.
* Includes a predicate for relevant web contexts.
*/
@SuppressWarnings("deprecation")
private HttpHandler secureHandler(final HttpHandler toWrap, SecurityRealm securityRealm) {
HttpHandler handler = toWrap;
handler = new AuthenticationCallHandler(handler);
handler = new AuthenticationConstraintHandler(handler);
RealmIdentityManager idm = new RealmIdentityManager(securityRealm);
Set<AuthMechanism> mechanisms = securityRealm.getSupportedAuthenticationMechanisms();
List<AuthenticationMechanism> undertowMechanisms = new ArrayList<AuthenticationMechanism>(mechanisms.size());
undertowMechanisms.add(wrap(new CachedAuthenticatedSessionMechanism(), null));
for (AuthMechanism current : mechanisms) {
switch(current) {
case DIGEST:
List<DigestAlgorithm> digestAlgorithms = Collections.singletonList(DigestAlgorithm.MD5);
List<DigestQop> digestQops = Collections.singletonList(DigestQop.AUTH);
undertowMechanisms.add(wrap(new DigestAuthenticationMechanism(digestAlgorithms, digestQops, securityRealm.getName(), "Monitor", new SimpleNonceManager()), current));
break;
case PLAIN:
undertowMechanisms.add(wrap(new BasicAuthenticationMechanism(securityRealm.getName()), current));
break;
case LOCAL:
break;
default:
}
}
handler = new AuthenticationMechanismsHandler(handler, undertowMechanisms);
handler = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, idm, handler);
// the predicate handler takes care that all of the above
// will only be enacted on relevant web contexts
handler = new PredicateHandler(exchange -> {
if (!monitor.getSecurityRealm().isPresent()) {
return false;
}
if (Queries.isAggregatorEndpoint(monitor, exchange.getRelativePath())) {
return true;
}
if (Queries.isDirectAccessToHealthEndpoint(monitor, exchange.getRelativePath())) {
if (!hasTokenAuth(exchange)) {
return true;
}
return false;
}
if (HttpContexts.getDefaultContextNames().contains(exchange.getRelativePath())) {
return true;
}
return false;
}, handler, toWrap);
return handler;
}
Also used :
DigestQop(io.undertow.security.impl.DigestQop)
BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism)
HttpServerExchange(io.undertow.server.HttpServerExchange)
NamingException(javax.naming.NamingException)
SecurityRealm(org.jboss.as.domain.management.SecurityRealm)
SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler)
ArrayList(java.util.ArrayList)
AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler)
DigestAlgorithm(io.undertow.security.idm.DigestAlgorithm)
AuthenticationMechanismWrapper(org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper)
PredicateHandler(io.undertow.server.handlers.PredicateHandler)
CachedAuthenticatedSessionMechanism(io.undertow.security.impl.CachedAuthenticatedSessionMechanism)
DigestQop(io.undertow.security.impl.DigestQop)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
Vetoed(javax.enterprise.inject.Vetoed)
AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler)
Set(java.util.Set)
AuthenticationMode(io.undertow.security.api.AuthenticationMode)
AuthMechanism(org.jboss.as.domain.management.AuthMechanism)
HttpHandler(io.undertow.server.HttpHandler)
List(java.util.List)
SimpleNonceManager(io.undertow.security.impl.SimpleNonceManager)
AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism)
RealmIdentityManager(org.jboss.as.domain.http.server.security.RealmIdentityManager)
AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler)
Optional(java.util.Optional)
Collections(java.util.Collections)
HttpHandler(io.undertow.server.HttpHandler)
AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
CachedAuthenticatedSessionMechanism(io.undertow.security.impl.CachedAuthenticatedSessionMechanism)
BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism)
RealmIdentityManager(org.jboss.as.domain.http.server.security.RealmIdentityManager)
ArrayList(java.util.ArrayList)
PredicateHandler(io.undertow.server.handlers.PredicateHandler)
SimpleNonceManager(io.undertow.security.impl.SimpleNonceManager)
AuthMechanism(org.jboss.as.domain.management.AuthMechanism)
SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler)
AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler)
AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler)
BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism)
DigestAlgorithm(io.undertow.security.idm.DigestAlgorithm)
Example 4 with DigestAuthenticationMechanism
use of io.undertow.security.impl.DigestAuthenticationMechanism in project undertow by undertow-io.
the class DigestAuthentication2069TestCase method getTestMechanisms.
@Override
protected List<AuthenticationMechanism> getTestMechanisms() {
List<DigestQop> qopList = Collections.emptyList();
AuthenticationMechanism mechanism = new DigestAuthenticationMechanism(Collections.singletonList(DigestAlgorithm.MD5), qopList, REALM_NAME, "/", new SimpleNonceManager());
return Collections.singletonList(mechanism);
}
Also used :
DigestQop(io.undertow.security.impl.DigestQop)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
DigestAuthenticationMechanism(io.undertow.security.impl.DigestAuthenticationMechanism)
AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism)
SimpleNonceManager(io.undertow.security.impl.SimpleNonceManager)
Aggregations
AuthenticationMechanism (io.undertow.security.api.AuthenticationMechanism)4
DigestAuthenticationMechanism (io.undertow.security.impl.DigestAuthenticationMechanism)4
AuthenticationCallHandler (io.undertow.security.handlers.AuthenticationCallHandler)3
AuthenticationConstraintHandler (io.undertow.security.handlers.AuthenticationConstraintHandler)3
AuthenticationMechanismsHandler (io.undertow.security.handlers.AuthenticationMechanismsHandler)3
SecurityInitialHandler (io.undertow.security.handlers.SecurityInitialHandler)3
DigestQop (io.undertow.security.impl.DigestQop)3
SimpleNonceManager (io.undertow.security.impl.SimpleNonceManager)3
HttpHandler (io.undertow.server.HttpHandler)3
AuthenticationMode (io.undertow.security.api.AuthenticationMode)2
DigestAlgorithm (io.undertow.security.idm.DigestAlgorithm)2
BasicAuthenticationMechanism (io.undertow.security.impl.BasicAuthenticationMechanism)2
CachedAuthenticatedSessionMechanism (io.undertow.security.impl.CachedAuthenticatedSessionMechanism)2
HttpServerExchange (io.undertow.server.HttpServerExchange)2
PredicateHandler (io.undertow.server.handlers.PredicateHandler)2
ArrayList (java.util.ArrayList)2
Collections (java.util.Collections)2
List (java.util.List)2
Optional (java.util.Optional)2
Set (java.util.Set)2
