Package io.undertow.security.api.AuthenticatedSessionManager

Examples of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession


            return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
        }
    }

    public AuthenticationMechanismOutcome runCached(final HttpServerExchange exchange, final SecurityContext securityContext, final AuthenticatedSessionManager sessionManager) {
        AuthenticatedSession authSession = sessionManager.lookupSession(exchange);
        if (authSession != null) {
            Account account = securityContext.getIdentityManager().verify(authSession.getAccount());
            if (account != null) {
                securityContext.authenticationComplete(account, authSession.getMechanism(), false);
                return AuthenticationMechanismOutcome.AUTHENTICATED;
            } else {
                sessionManager.clearSession(exchange);
                // We know we had a previously authenticated account but for some reason the IdentityManager is no longer
                // accepting it, we now


            return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
        }
    }

    public AuthenticationMechanismOutcome runCached(final HttpServerExchange exchange, final SecurityContext securityContext, final AuthenticatedSessionManager sessionManager) {
        AuthenticatedSession authSession = sessionManager.lookupSession(exchange);
        if (authSession != null) {
            Account account = securityContext.getIdentityManager().verify(authSession.getAccount());
            if (account != null) {
                securityContext.authenticationComplete(account, authSession.getMechanism(), false);
                return AuthenticationMechanismOutcome.AUTHENTICATED;
            } else {
                sessionManager.clearSession(exchange);
                // We know we had a previously authenticated account but for some reason the IdentityManager is no longer
                // accepting it, safer to mark as a failed authentication.

                        HttpSession session = servletContext.getSession(notification.getExchange(), true);
                        // It is normal for this notification to be received when using a previously cached session - in that
                        // case the IDM would have been given an opportunity to re-load the Account so updating here ready for
                        // the next request is desired.
                        session.setAttribute(ATTRIBUTE_NAME,
                                new AuthenticatedSession(notification.getAccount(), notification.getMechanism()));
                    }
                    break;
                case LOGGED_OUT:
                    HttpSession session = servletContext.getSession(notification.getExchange(), false);
                    if (session != null) {

    /**
     * Creates a single sign-on entry that records the given account together with the
     * name of the mechanism that authenticated it.
     *
     * @param account the account to store in the new entry
     * @param mechanism the mechanism name stored alongside the account
     * @return a {@link DistributableSingleSignOn} wrapping the new entry, this factory's
     *         registry and the batch opened here
     */
    @Override
    public SingleSignOn createSingleSignOn(Account account, String mechanism) {
        // NOTE(review): if this identifier is what a client later presents to resume the SSO,
        // its unpredictability rests entirely on manager.createIdentifier() - confirm.
        final String ssoId = this.manager.createIdentifier();
        // The batch is opened before the entry is created and is handed to the returned wrapper;
        // this method never closes it.
        // NOTE(review): if createSSO throws, nothing here closes or discards the batch - confirm
        // whether the batcher or the caller cleans it up.
        final Batch openBatch = this.manager.getBatcher().createBatch();
        final SSO<AuthenticatedSession, String, Void> entry =
                this.manager.createSSO(ssoId, new AuthenticatedSession(account, mechanism));
        return new DistributableSingleSignOn(entry, this.registry, openBatch);
    }

        SingleSignOn result = this.subject.createSingleSignOn(account, mechanism);

        assertNotNull(result);

        AuthenticatedSession capturedAuthentication = authenticationCaptor.getValue();
        assertNotNull(capturedAuthentication);
        assertSame(capturedAuthentication.getAccount(), account);
        assertSame(capturedAuthentication.getMechanism(), mechanism);

        verifyNoMoreInteractions(batch);
    }

    /**
     * Reads a session attribute while the session's batch is resumed.
     *
     * <p>The authenticated-session attribute is special-cased: if an {@link Account} is stored
     * under that name it is wrapped in a new {@link AuthenticatedSession} whose mechanism is
     * always {@code HttpServletRequest.FORM_AUTH}; otherwise the value held by the session's
     * local context is returned. Every other name is read from the session attributes as is.
     *
     * @param name the attribute name
     * @return the attribute value, or whatever the underlying lookup returns when nothing is stored
     */
    public Object getAttribute(String name) {
        Session<LocalSessionContext> session = this.entry.getKey();
        try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
            if (!AUTHENTICATED_SESSION_ATTRIBUTE_NAME.equals(name)) {
                return session.getAttributes().getAttribute(name);
            }
            // The cast is unchecked: a value of any other type stored under this name
            // surfaces as a ClassCastException rather than as an authenticated session.
            Account storedAccount = (Account) session.getAttributes().getAttribute(name);
            if (storedAccount != null) {
                // The mechanism is not read back from storage; it is fixed to FORM here.
                return new AuthenticatedSession(storedAccount, HttpServletRequest.FORM_AUTH);
            }
            return session.getLocalContext().getAuthenticatedSession();
        }
    }

            return this.removeAttribute(name);
        }
        Session<LocalSessionContext> session = this.entry.getKey();
        try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
            if (AUTHENTICATED_SESSION_ATTRIBUTE_NAME.equals(name)) {
                AuthenticatedSession authSession = (AuthenticatedSession) value;
                // If using FORM authentication, we store the corresponding Account in a session attribute
                if (authSession.getMechanism().equals(HttpServletRequest.FORM_AUTH)) {
                    Account account = (Account) session.getAttributes().setAttribute(name, authSession.getAccount());
                    return (account != null) ? new AuthenticatedSession(account, HttpServletRequest.FORM_AUTH) : null;
                }
                // Otherwise we store the whole AuthenticatedSession in the local context
                LocalSessionContext localContext = session.getLocalContext();
                AuthenticatedSession old = localContext.getAuthenticatedSession();
                localContext.setAuthenticatedSession(authSession);
                return old;
            }
            if (!(value instanceof Serializable)) {
                throw new IllegalArgumentException(new NotSerializableException(value.getClass().getName()));

        Session<LocalSessionContext> session = this.entry.getKey();
        try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
            if (AUTHENTICATED_SESSION_ATTRIBUTE_NAME.equals(name)) {
                Account account = (Account) session.getAttributes().removeAttribute(name);
                if (account != null) {
                    return new AuthenticatedSession(account, HttpServletRequest.FORM_AUTH);
                }
                LocalSessionContext localContext = session.getLocalContext();
                AuthenticatedSession old = localContext.getAuthenticatedSession();
                localContext.setAuthenticatedSession(null);
                return old;
            }
            Object old = session.getAttributes().removeAttribute(name);
            if (old != null) {

    @Test
    public void getAccount() {
        Account account = mock(Account.class);
        String mechanism = HttpServletRequest.BASIC_AUTH;
        AuthenticatedSession authentication = new AuthenticatedSession(account, mechanism);

        when(this.sso.getAuthentication()).thenReturn(authentication);

        Account result = this.subject.getAccount();

    @Test
    public void getMechanismName() {
        Account account = mock(Account.class);
        String mechanism = HttpServletRequest.CLIENT_CERT_AUTH;
        AuthenticatedSession authentication = new AuthenticatedSession(account, mechanism);

        when(this.sso.getAuthentication()).thenReturn(authentication);

        String result = this.subject.getMechanismName();
