Package io.undertow.servlet.api

Examples of io.undertow.servlet.api.LoginConfig

255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
     *
     * @param initialHandler The handler to wrap with security handlers
     */
    private HttpHandler setupSecurityHandlers(HttpHandler initialHandler) {
        final DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();
        final LoginConfig loginConfig = deploymentInfo.getLoginConfig();

        final Map<String, AuthenticationMechanismFactory> factoryMap = new HashMap<String, AuthenticationMechanismFactory>(deploymentInfo.getAuthenticationMechanisms());
        if(!factoryMap.containsKey(BASIC_AUTH)) {
            factoryMap.put(BASIC_AUTH, BasicAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(FORM_AUTH)) {
            factoryMap.put(FORM_AUTH, ServletFormAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(DIGEST_AUTH)) {
            factoryMap.put(DIGEST_AUTH, DigestAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(CLIENT_CERT_AUTH)) {
            factoryMap.put(CLIENT_CERT_AUTH, ClientCertAuthenticationMechanism.FACTORY);
        }
        HttpHandler current = initialHandler;
        current = new SSLInformationAssociationHandler(current);

        final SecurityPathMatches securityPathMatches = buildSecurityConstraints();
        current = new AuthenticationCallHandler(current);
        if (!securityPathMatches.isEmpty()) {
            current = new ServletAuthenticationConstraintHandler(current);
        }
        current = new ServletConfidentialityConstraintHandler(deploymentInfo.getConfidentialPortManager(), current);
        if (!securityPathMatches.isEmpty()) {
            current = new ServletSecurityConstraintHandler(securityPathMatches, current);
        }

        String mechName = null;
        if (loginConfig != null || deploymentInfo.getJaspiAuthenticationMechanism() != null) {
            List<AuthenticationMechanism> authenticationMechanisms = new LinkedList<AuthenticationMechanism>();
            authenticationMechanisms.add(new CachedAuthenticatedSessionMechanism()); //TODO: does this really need to be hard coded?

            //we don't allow multipart requests, and always use the default encoding
            FormParserFactory parser = FormParserFactory.builder(false)
                    .addParser(new FormEncodedDataDefinition().setDefaultEncoding(deploymentInfo.getDefaultEncoding()))
                    .build();

            List<AuthMethodConfig> authMethods = Collections.<AuthMethodConfig>emptyList();
            if(loginConfig != null) {
                authMethods = loginConfig.getAuthMethods();
            }

            for(AuthMethodConfig method : authMethods) {
                AuthenticationMechanismFactory factory = factoryMap.get(method.getName());
                if(factory == null) {
                    throw UndertowServletMessages.MESSAGES.unknownAuthenticationMechanism(method.getName());
                }
                if(mechName == null) {
                    mechName = method.getName();
                }

                final Map<String, String> properties = new HashMap<String, String>();
                properties.put(AuthenticationMechanismFactory.CONTEXT_PATH, deploymentInfo.getContextPath());
                properties.put(AuthenticationMechanismFactory.REALM, loginConfig.getRealmName());
                properties.put(AuthenticationMechanismFactory.ERROR_PAGE, loginConfig.getErrorPage());
                properties.put(AuthenticationMechanismFactory.LOGIN_PAGE, loginConfig.getLoginPage());
                properties.putAll(method.getProperties());

                String name = method.getName().toUpperCase();
                // The mechanism name is passed in from the HttpServletRequest interface as the name reported needs to be
                // comparable using '=='
View Full Code Here
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
     *
     * @param initialHandler The handler to wrap with security handlers
     */
    private HttpHandler setupSecurityHandlers(HttpHandler initialHandler) {
        final DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();
        final LoginConfig loginConfig = deploymentInfo.getLoginConfig();

        final Map<String, AuthenticationMechanismFactory> factoryMap = new HashMap<String, AuthenticationMechanismFactory>(deploymentInfo.getAuthenticationMechanisms());
        if(!factoryMap.containsKey(BASIC_AUTH)) {
            factoryMap.put(BASIC_AUTH, BasicAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(FORM_AUTH)) {
            factoryMap.put(FORM_AUTH, ServletFormAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(DIGEST_AUTH)) {
            factoryMap.put(DIGEST_AUTH, DigestAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(CLIENT_CERT_AUTH)) {
            factoryMap.put(CLIENT_CERT_AUTH, ClientCertAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(ExternalAuthenticationMechanism.NAME)) {
            factoryMap.put(ExternalAuthenticationMechanism.NAME, ExternalAuthenticationMechanism.FACTORY);
        }
        HttpHandler current = initialHandler;
        current = new SSLInformationAssociationHandler(current);

        final SecurityPathMatches securityPathMatches = buildSecurityConstraints();
        current = new ServletAuthenticationCallHandler(current);
        if(deploymentInfo.isDisableCachingForSecuredPages()) {
            current = Handlers.predicate(Predicates.authRequired(), Handlers.disableCache(current), current);
        }
        if (!securityPathMatches.isEmpty()) {
            current = new ServletAuthenticationConstraintHandler(current);
        }
        current = new ServletConfidentialityConstraintHandler(deploymentInfo.getConfidentialPortManager(), current);
        if (!securityPathMatches.isEmpty()) {
            current = new ServletSecurityConstraintHandler(securityPathMatches, current);
        }
        List<AuthenticationMechanism> authenticationMechanisms = new LinkedList<AuthenticationMechanism>();
        authenticationMechanisms.add(new CachedAuthenticatedSessionMechanism()); //TODO: does this really need to be hard coded?

        String mechName = null;
        if (loginConfig != null || deploymentInfo.getJaspiAuthenticationMechanism() != null) {

            //we don't allow multipart requests, and always use the default encoding
            FormParserFactory parser = FormParserFactory.builder(false)
                    .addParser(new FormEncodedDataDefinition().setDefaultEncoding(deploymentInfo.getDefaultEncoding()))
                    .build();

            List<AuthMethodConfig> authMethods = Collections.<AuthMethodConfig>emptyList();
            if(loginConfig != null) {
                authMethods = loginConfig.getAuthMethods();
            }

            for(AuthMethodConfig method : authMethods) {
                AuthenticationMechanismFactory factory = factoryMap.get(method.getName());
                if(factory == null) {
                    throw UndertowServletMessages.MESSAGES.unknownAuthenticationMechanism(method.getName());
                }
                if(mechName == null) {
                    mechName = method.getName();
                }

                final Map<String, String> properties = new HashMap<String, String>();
                properties.put(AuthenticationMechanismFactory.CONTEXT_PATH, deploymentInfo.getContextPath());
                properties.put(AuthenticationMechanismFactory.REALM, loginConfig.getRealmName());
                properties.put(AuthenticationMechanismFactory.ERROR_PAGE, loginConfig.getErrorPage());
                properties.put(AuthenticationMechanismFactory.LOGIN_PAGE, loginConfig.getLoginPage());
                properties.putAll(method.getProperties());

                String name = method.getName().toUpperCase(Locale.US);
                // The mechanism name is passed in from the HttpServletRequest interface as the name reported needs to be
                // comparable using '=='
View Full Code Here
139
140
141
142
143
144
145
    private Servlets() {
    }

    public static LoginConfig loginConfig(String realmName, String loginPage, String errorPage) {
        return new LoginConfig(realmName, loginPage, errorPage);
    }
View Full Code Here
143
144
145
146
147
148
149
    public static LoginConfig loginConfig(String realmName, String loginPage, String errorPage) {
        return new LoginConfig(realmName, loginPage, errorPage);
    }

    public static LoginConfig loginConfig(final String realmName) {
        return new LoginConfig(realmName);
    }
View Full Code Here
147
148
149
150
151
152
153
    public static LoginConfig loginConfig(final String realmName) {
        return new LoginConfig(realmName);
    }

    public static LoginConfig loginConfig(String mechanismName, String realmName, String loginPage, String errorPage) {
        return new LoginConfig(mechanismName, realmName, loginPage, errorPage);
    }
View Full Code Here
151
152
153
154
155
156
157
    public static LoginConfig loginConfig(String mechanismName, String realmName, String loginPage, String errorPage) {
        return new LoginConfig(mechanismName, realmName, loginPage, errorPage);
    }

    public static LoginConfig loginConfig(String mechanismName, final String realmName) {
        return new LoginConfig(mechanismName, realmName);
    }
View Full Code Here
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
     *
     * @param initialHandler The handler to wrap with security handlers
     */
    private HttpHandler setupSecurityHandlers(HttpHandler initialHandler) {
        final DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();
        final LoginConfig loginConfig = deploymentInfo.getLoginConfig();

        final Map<String, AuthenticationMechanismFactory> factoryMap = new HashMap<String, AuthenticationMechanismFactory>(deploymentInfo.getAuthenticationMechanisms());
        if(!factoryMap.containsKey(BASIC_AUTH)) {
            factoryMap.put(BASIC_AUTH, BasicAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(FORM_AUTH)) {
            factoryMap.put(FORM_AUTH, ServletFormAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(DIGEST_AUTH)) {
            factoryMap.put(DIGEST_AUTH, DigestAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(CLIENT_CERT_AUTH)) {
            factoryMap.put(CLIENT_CERT_AUTH, ClientCertAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(ExternalAuthenticationMechanism.NAME)) {
            factoryMap.put(ExternalAuthenticationMechanism.NAME, ExternalAuthenticationMechanism.FACTORY);
        }
        HttpHandler current = initialHandler;
        current = new SSLInformationAssociationHandler(current);

        final SecurityPathMatches securityPathMatches = buildSecurityConstraints();
        current = new ServletAuthenticationCallHandler(current);
        if(deploymentInfo.isDisableCachingForSecuredPages()) {
            current = Handlers.predicate(Predicates.authRequired(), Handlers.disableCache(current), current);
        }
        if (!securityPathMatches.isEmpty()) {
            current = new ServletAuthenticationConstraintHandler(current);
        }
        current = new ServletConfidentialityConstraintHandler(deploymentInfo.getConfidentialPortManager(), current);
        if (!securityPathMatches.isEmpty()) {
            current = new ServletSecurityConstraintHandler(securityPathMatches, current);
        }
        List<AuthenticationMechanism> authenticationMechanisms = new LinkedList<AuthenticationMechanism>();
        authenticationMechanisms.add(new CachedAuthenticatedSessionMechanism()); //TODO: does this really need to be hard coded?

        String mechName = null;
        if (loginConfig != null || deploymentInfo.getJaspiAuthenticationMechanism() != null) {

            //we don't allow multipart requests, and always use the default encoding
            FormParserFactory parser = FormParserFactory.builder(false)
                    .addParser(new FormEncodedDataDefinition().setDefaultEncoding(deploymentInfo.getDefaultEncoding()))
                    .build();

            List<AuthMethodConfig> authMethods = Collections.<AuthMethodConfig>emptyList();
            if(loginConfig != null) {
                authMethods = loginConfig.getAuthMethods();
            }

            for(AuthMethodConfig method : authMethods) {
                AuthenticationMechanismFactory factory = factoryMap.get(method.getName());
                if(factory == null) {
                    throw UndertowServletMessages.MESSAGES.unknownAuthenticationMechanism(method.getName());
                }
                if(mechName == null) {
                    mechName = method.getName();
                }

                final Map<String, String> properties = new HashMap<String, String>();
                properties.put(AuthenticationMechanismFactory.CONTEXT_PATH, deploymentInfo.getContextPath());
                properties.put(AuthenticationMechanismFactory.REALM, loginConfig.getRealmName());
                properties.put(AuthenticationMechanismFactory.ERROR_PAGE, loginConfig.getErrorPage());
                properties.put(AuthenticationMechanismFactory.LOGIN_PAGE, loginConfig.getLoginPage());
                properties.putAll(method.getProperties());

                String name = method.getName().toUpperCase(Locale.US);
                // The mechanism name is passed in from the HttpServletRequest interface as the name reported needs to be
                // comparable using '=='
View Full Code Here
157
158
159
160
161
162
163
    private Servlets() {
    }

    public static LoginConfig loginConfig(String realmName, String loginPage, String errorPage) {
        return new LoginConfig(realmName, loginPage, errorPage);
    }
View Full Code Here
161
162
163
164
165
166
167
    public static LoginConfig loginConfig(String realmName, String loginPage, String errorPage) {
        return new LoginConfig(realmName, loginPage, errorPage);
    }

    public static LoginConfig loginConfig(final String realmName) {
        return new LoginConfig(realmName);
    }
View Full Code Here
165
166
167
168
169
170
171
    public static LoginConfig loginConfig(final String realmName) {
        return new LoginConfig(realmName);
    }

    public static LoginConfig loginConfig(String mechanismName, String realmName, String loginPage, String errorPage) {
        return new LoginConfig(mechanismName, realmName, loginPage, errorPage);
    }
View Full Code Here
TOP

Related Classes of io.undertow.servlet.api.LoginConfig

  • io.undertow.servlet.core.DeploymentManagerImpl
  • io.undertow.servlet.Servlets
  • io.undertow.servlet.test.defaultservlet.WelcomeFileSecurityTestCase
  • io.undertow.servlet.test.security.constraint.EmptyRoleSemanticTestCase
  • io.undertow.servlet.test.security.constraint.SecurityConstraintUrlMappingTestCase
  • io.undertow.servlet.test.security.custom.ServletCustomAuthTestCase
  • io.undertow.servlet.test.security.digest.DigestAuthTestCase
  • io.undertow.servlet.test.security.form.SaveOriginalPostRequestTestCase
  • io.undertow.servlet.test.security.form.ServletFormAuthTestCase
  • io.undertow.servlet.test.security.login.ServletLoginTestCase
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.