Examples with FirstSuccessfulStrategyWith540 - org.killbill.billing.server.security.FirstSuccessfulStrategyWith540

Example 1 with FirstSuccessfulStrategyWith540

use of org.killbill.billing.server.security.FirstSuccessfulStrategyWith540 in project killbill by killbill.

the class ModularRealmAuthenticatorWith540 method doMultiRealmAuthentication.

/**
     * Performs the multi-realm authentication attempt by calling back to a {@link AuthenticationStrategy} object
     * as each realm is consulted for {@code AuthenticationInfo} for the specified {@code token}.
     *
     * @param realms the multiple realms configured on this Authenticator instance.
     * @param token  the submitted AuthenticationToken representing the subject's (user's) log-in principals and credentials.
     * @return an aggregated AuthenticationInfo instance representing account data across all the successfully
     * consulted realms.
     */
protected AuthenticationInfo doMultiRealmAuthentication(final Collection<Realm> realms, final AuthenticationToken token) {
    final AuthenticationStrategy strategy = getAuthenticationStrategy();
    AuthenticationInfo aggregate = strategy.beforeAllAttempts(realms, token);
    if (log.isTraceEnabled()) {
        log.trace("Iterating through {} realms for PAM authentication", realms.size());
    }
    for (final Realm realm : realms) {
        aggregate = strategy.beforeAttempt(realm, token, aggregate);
        if (realm.supports(token)) {
            log.trace("Attempting to authenticate token [{}] using realm [{}]", token, realm);
            AuthenticationInfo info = null;
            Throwable t = null;
            try {
                info = realm.getAuthenticationInfo(token);
            } catch (final Throwable throwable) {
                t = throwable;
                if (log.isDebugEnabled()) {
                    final String msg = "Realm [" + realm + "] threw an exception during a multi-realm authentication attempt:";
                    log.debug(msg, t);
                }
            }
            aggregate = strategy.afterAttempt(realm, token, info, aggregate, t);
            if (strategy instanceof FirstSuccessfulStrategyWith540) {
                // check if we should check the next realm, or just stop here.
                if (!((FirstSuccessfulStrategyWith540) strategy).continueAfterAttempt(info, aggregate, t)) {
                    log.trace("Will not consult any other realms for authentication, last realm [{}].", realm);
                    break;
                }
            }
        } else {
            log.debug("Realm [{}] does not support token {}.  Skipping realm.", realm, token);
        }
    }
    aggregate = strategy.afterAllAttempts(token, aggregate);
    return aggregate;
}

Also used : FirstSuccessfulStrategyWith540(org.killbill.billing.server.security.FirstSuccessfulStrategyWith540) Realm(org.apache.shiro.realm.Realm) AuthenticationInfo(org.apache.shiro.authc.AuthenticationInfo)

Aggregations

AuthenticationInfo (org.apache.shiro.authc.AuthenticationInfo)1 Realm (org.apache.shiro.realm.Realm)1 FirstSuccessfulStrategyWith540 (org.killbill.billing.server.security.FirstSuccessfulStrategyWith540)1