@Override public AuthenticationStatus responseUnauthorized() { return getWrapped().responseUnauthorized(); }
@Override public AuthenticationStatus responseUnauthorized() { return getWrapped().responseUnauthorized(); }
@Override public AuthenticationStatus responseUnauthorized() { return getWrapped().responseUnauthorized(); }
@Override public AuthenticationStatus responseUnauthorized() { return getWrapped().responseUnauthorized(); }
return context.responseUnauthorized(); } else if (token != null) { return context.responseUnauthorized();
/** * To validate the JWT token e.g Signature check, JWT claims * check(expiration) etc * * @param token The JWT access tokens * @param context * @return the AuthenticationStatus to notify the container */ private AuthenticationStatus validateToken(String token, HttpMessageContext context) { try { if (tokenProvider.validateToken(token)) { JWTCredential credential = tokenProvider.getCredential(token); return context.notifyContainerAboutLogin(credential.getPrincipal(), credential.getAuthorities()); } // if token invalid, response with unauthorized status return context.responseUnauthorized(); } catch (ExpiredJwtException eje) { LOGGER.log(Level.INFO, "Security exception for user {0} - {1}", new String[]{eje.getClaims().getSubject(), eje.getMessage()}); return context.responseUnauthorized(); } }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMsgContext) throws AuthenticationException { String[] credentials = getCredentials(request); if (!isEmpty(credentials)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); CredentialValidationResult result = identityStoreHandler.validate( new UsernamePasswordCredential(credentials[0], new Password(credentials[1]))); if (result.getStatus() == VALID) { return httpMsgContext.notifyContainerAboutLogin( result.getCallerPrincipal(), result.getCallerGroups()); } } if (httpMsgContext.isProtected()) { response.setHeader("WWW-Authenticate", format("Basic realm=\"%s\"", basicAuthenticationMechanismDefinition.realmName())); return httpMsgContext.responseUnauthorized(); } return httpMsgContext.doNothing(); }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMsgContext) throws AuthenticationException { String[] credentials = getCredentials(request); if (!isEmpty(credentials)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); CredentialValidationResult result = identityStoreHandler.validate( new UsernamePasswordCredential(credentials[0], new Password(credentials[1]))); if (result.getStatus() == VALID) { return httpMsgContext.notifyContainerAboutLogin( result.getCallerPrincipal(), result.getCallerGroups()); } } if (httpMsgContext.isProtected()) { response.setHeader("WWW-Authenticate", format("Basic realm=\"%s\"", basicAuthenticationMechanismDefinition.realmName())); return httpMsgContext.responseUnauthorized(); } return httpMsgContext.doNothing(); }