/** * @see org.eclipse.jetty.security.authentication.LoginAuthenticator#login(java.lang.String, java.lang.Object, javax.servlet.ServletRequest) */ @Override public UserIdentity login(String username, Object password, ServletRequest request) { UserIdentity user = _loginService.login(username, password); if (user != null) { renewSession((HttpServletRequest)request, null); HttpSession session = ((HttpServletRequest)request).getSession(true); if (session != null) { SessionAuthentication sessionAuth = new SessionAuthentication(getAuthMethod(), user, password); session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, sessionAuth); } } return user; }
public boolean secureResponse(ServletRequest req, ServletResponse res, boolean mandatory, User validatedUser) throws ServerAuthException { JaspiMessageInfo info = (JaspiMessageInfo) req.getAttribute("org.eclipse.jetty.security.jaspi.info"); if (info == null) throw new NullPointerException("MessageInfo from request missing: " + req); return secureResponse(info, validatedUser); }
@Override protected Authenticator getHandlerAuthenticator() { JaspiAuthenticatorFactory jaspiAuthenticatorFactory = new JaspiAuthenticatorFactory(); jaspiAuthenticatorFactory.setLoginService(getHandlerLoginService()); HashMap<String, ServerAuthContext> serverAuthContextMap = new HashMap<>(); ServletCallbackHandler callbackHandler = new ServletCallbackHandler(getHandlerLoginService()); ServerAuthModule authModule = new BasicAuthModule(callbackHandler, "JAASRealm"); serverAuthContextMap.put("authContextID", new ServerAuthContextImpl(Collections.singletonList(authModule))); ServerAuthContextType serverAuthContextType = new ServerAuthContextType("HTTP", "server *", "authContextID", new AuthModuleType<ServerAuthModule>()); ServerAuthConfigType serverAuthConfigType = new ServerAuthConfigType(serverAuthContextType, true); ServerAuthConfig serverAuthConfig = new ServerAuthConfigImpl(serverAuthConfigType, serverAuthContextMap); return new JaspiAuthenticator(serverAuthConfig, null, callbackHandler, new Subject(), true, getHandlerIdentityService()); }
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException { JaspiMessageInfo info = new JaspiMessageInfo(request, response, mandatory); request.setAttribute("org.eclipse.jetty.security.jaspi.info", info); Authentication a = validateRequest(info); //if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred if (_allowLazyAuthentication && !info.isAuthMandatory() && a == Authentication.UNAUTHENTICATED) a = new DeferredAuthentication(this); return a; }
return cached; return new UserAuthentication(getAuthMethod(), userIdentity);
for (String key : configuration.getInitParameterNames()) map.put(key,configuration.getInitParameter(key)); authenticator= new JaspiAuthenticator(serverAuthConfig,map,servletCallbackHandler, serviceSubject,true, identityService);
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException { JaspiMessageInfo info = new JaspiMessageInfo(request, response, mandatory); request.setAttribute("org.eclipse.jetty.security.jaspi.info", info); Authentication a = validateRequest(info); //if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred if (_allowLazyAuthentication && !info.isAuthMandatory() && a == Authentication.UNAUTHENTICATED) a = new DeferredAuthentication(this); return a; }
return cached; return new UserAuthentication(getAuthMethod(), userIdentity);
/** * @see org.eclipse.jetty.security.authentication.LoginAuthenticator#login(java.lang.String, java.lang.Object, javax.servlet.ServletRequest) */ @Override public UserIdentity login(String username, Object password, ServletRequest request) { UserIdentity user = _loginService.login(username, password); if (user != null) { renewSession((HttpServletRequest)request, null); HttpSession session = ((HttpServletRequest)request).getSession(true); if (session != null) { SessionAuthentication sessionAuth = new SessionAuthentication(getAuthMethod(), user, password); session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, sessionAuth); } } return user; }
for (String key : configuration.getInitParameterNames()) map.put(key,configuration.getInitParameter(key)); authenticator= new JaspiAuthenticator(serverAuthConfig,map,servletCallbackHandler, serviceSubject,true, identityService);
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException { JaspiMessageInfo info = new JaspiMessageInfo(request, response, mandatory); request.setAttribute("org.eclipse.jetty.security.jaspi.info", info); Authentication a = validateRequest(info); //if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred if (_allowLazyAuthentication && !info.isAuthMandatory() && a == Authentication.UNAUTHENTICATED) a = new DeferredAuthentication(this); return a; }
public boolean secureResponse(ServletRequest req, ServletResponse res, boolean mandatory, User validatedUser) throws ServerAuthException { JaspiMessageInfo info = (JaspiMessageInfo) req.getAttribute("org.eclipse.jetty.security.jaspi.info"); if (info == null) throw new NullPointerException("MessageInfo from request missing: " + req); return secureResponse(info, validatedUser); }
return cached; return new UserAuthentication(getAuthMethod(), userIdentity);
/** * @see org.eclipse.jetty.security.authentication.LoginAuthenticator#login(java.lang.String, java.lang.Object, javax.servlet.ServletRequest) */ @Override public UserIdentity login(String username, Object password, ServletRequest request) { UserIdentity user = _loginService.login(username, password); if (user != null) { renewSession((HttpServletRequest)request, null); HttpSession session = ((HttpServletRequest)request).getSession(true); if (session != null) { SessionAuthentication sessionAuth = new SessionAuthentication(getAuthMethod(), user, password); session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, sessionAuth); } } return user; }
for (String key : configuration.getInitParameterNames()) map.put(key,configuration.getInitParameter(key)); authenticator= new JaspiAuthenticator(serverAuthConfig,map,servletCallbackHandler, serviceSubject,true, identityService);
public boolean secureResponse(ServletRequest req, ServletResponse res, boolean mandatory, User validatedUser) throws ServerAuthException { JaspiMessageInfo info = (JaspiMessageInfo) req.getAttribute("org.eclipse.jetty.security.jaspi.info"); if (info == null) throw new NullPointerException("MessageInfo from request missing: " + req); return secureResponse(info, validatedUser); }