@Override public boolean isAuthenticated() { return wrapped.isAuthenticated(); }
@Override public boolean isAuthenticated() { return wrapped.isAuthenticated(); }
/** * Returns <code>true</code> if the user is authenticated and not remember-me. */ default boolean isFullyAuthenticated() { return isAuthenticated() && !isRememberMe(); } }
if(authc == null || !authc.isAuthenticated()){ return false;
@Override public boolean handleLoginRequest(Request request, Response response, LoginContext context) throws Throwable { if(!isLoginRequest(request, response, context)) { return false; } request.setAcceptValidationError(true); if(isGotoLoginView(request, response, context)) { Authentication authentication = sessionManager.getAuthentication(request); if(null != authentication && authentication.isAuthenticated()){ // user has login, go to login success view handleLoginSuccessView(request,response,context); }else { // go to login view handleLoginView(request, response, context); } }else { handleLoginAuthentication(request, response, context); } return true; }
protected State preHandleRequest(Request request, Response response, DefaultSecurityContextHolder context) throws Throwable { request.setSecurityContext(context); //Handles request if login if(config.isLoginEnabled() && handleLoginRequest(request, response, context)){ return State.INTERCEPTED; } //Handles request if logout. if(config.isLogoutEnabled() && handleLogoutRequest(request, response, context)) { return State.INTERCEPTED; } //Resolve authentication. State state = resolveAuthentication(request,response,context); if(state.isIntercepted()){ return state; } //Disable csrf if anonymous access. if(!context.getAuthentication().isAuthenticated()) { CSRF.ignore(request); } return State.CONTINUE; }
@Override public State postResolveAuthentication(Request request, Response response, AuthenticationContext context) throws Throwable { if(!request.getPath().equals(config.getAuthzEndpointPath())) { return State.CONTINUE; } OAuth2Params params = new RequestOAuth2Params(request); ResponseTypeHandler handler = getResponseTypeHandler(request, response, params); if(null == handler) { return State.INTERCEPTED; } Result<AuthzClient> result = handler.validateRequest(request, response, params); if(result.isIntercepted()) { return State.INTERCEPTED; } AuthzClient client = result.get(); //If user not authenticated, redirect to login url. Authentication authc = context.getAuthentication(); if(null == authc || !authc.isAuthenticated() || (authc instanceof ResAuthentication)) { //Expose view data. exposeViewData(request, params, client); return State.CONTINUE; } //Handle authentication. handleAuthenticated(request, response, new SimpleAuthzAuthentication(params, client, um.getUserDetails(authc.getUser()), authc), handler); //Intercepted. return State.INTERCEPTED; }
@Override public State postResolveAuthentication(Request request, Response response, AuthenticationContext context) throws Throwable { if(!request.getPath().equals(config.getAuthzEndpointPath())) { return State.CONTINUE; } OAuth2Params params = new RequestOAuth2Params(request); ResponseTypeHandler handler = getResponseTypeHandler(request, response, params); if(null == handler) { return State.INTERCEPTED; } Result<AuthzClient> result = handler.validateRequest(request, response, params); if(result.isIntercepted()) { return State.INTERCEPTED; } AuthzClient client = result.get(); //If user not authenticated, redirect to login url. Authentication authc = context.getAuthentication(); //todo: if(null == authc || !authc.isAuthenticated() || (authc instanceof ResAuthentication)) { if(null == authc || !authc.isAuthenticated()) { //Expose view data. exposeViewData(request, params, client); return State.CONTINUE; } //Handle authentication. handleAuthenticated(request, response, new SimpleAuthzAuthentication(params, client, um.getUserDetails(authc.getUser()), authc), handler); //Intercepted. return State.INTERCEPTED; }
if(authc == null || !authc.isAuthenticated()){ log.debug("path [{}] : not authenticated, deny the request.", pattern); return false;
if(authc.isAuthenticated()) { log.debug("Request authenticated to : {}", authc); }else{
if(authc.isAuthenticated() && !authc.isClientOnly()) { loginImmediately(request, response, authc);