javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism Java Examples
The following examples show how to use
javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: TomEESecurityServerAuthModule.java From tomee with Apache License 2.0 | 5 votes |
|
@Override
public AuthStatus validateRequest(final MessageInfo messageInfo, final Subject clientSubject,
final Subject serviceSubject)
throws AuthException {
final HttpMessageContext httpMessageContext =
httpMessageContext(handler, messageInfo, clientSubject, serviceSubject);
final HttpAuthenticationMechanism authenticationMechanism =
CDI.current()
.select(TomEESecurityServletAuthenticationMechanismMapper.class)
.get()
.getCurrentAuthenticationMechanism(httpMessageContext);
final AuthenticationStatus authenticationStatus;
try {
authenticationStatus =
authenticationMechanism.validateRequest(httpMessageContext.getRequest(),
httpMessageContext.getResponse(),
httpMessageContext);
} catch (final AuthenticationException e) {
final AuthException authException = new AuthException(e.getMessage());
authException.initCause(e);
throw authException;
}
return mapToAuthStatus(authenticationStatus);
}
Example #2
| Source File: TomEESecurityServletAuthenticationMechanismMapper.java From tomee with Apache License 2.0 | 5 votes |
|
public void init(@Observes @Initialized(ApplicationScoped.class) final ServletContext context) {
final Map<String, ? extends ServletRegistration> servletRegistrations = context.getServletRegistrations();
servletRegistrations.forEach((servletName, servletRegistration) -> {
try {
final Class<?> servletClass = Thread.currentThread().getContextClassLoader().loadClass(servletName);
if (servletClass.isAnnotationPresent(BasicAuthenticationMechanismDefinition.class)) {
servletAuthenticationMapper.put(servletName,
CDI.current().select(BasicAuthenticationMechanism.class).get());
}
if (servletClass.isAnnotationPresent(FormAuthenticationMechanismDefinition.class)) {
servletAuthenticationMapper.put(servletName,
CDI.current().select(FormAuthenticationMechanism.class).get());
}
} catch (final ClassNotFoundException e) {
// Ignore
}
});
final Set<HttpAuthenticationMechanism> availableBeans =
authenticationMechanisms.stream().collect(Collectors.toSet());
availableBeans.removeAll(servletAuthenticationMapper.values());
availableBeans.remove(defaultAuthenticationMechanism);
if (availableBeans.size() == 1) {
defaultAuthenticationMechanism.setDelegate(availableBeans.iterator().next());
} else if (availableBeans.size() > 1) {
throw new IllegalStateException(
"Multiple HttpAuthenticationMechanism found " +
availableBeans.stream()
.map(b -> substringBefore(b.getClass().getSimpleName(), "$$"))
.collect(toList()) + " " +
"without a @WebServlet association. " +
"Deploy a single one for the application, or associate it with a @WebServlet.");
}
}
Example #3
| Source File: TomEESecurityServletAuthenticationMechanismMapper.java From tomee with Apache License 2.0 | 5 votes |
|
public HttpAuthenticationMechanism getCurrentAuthenticationMechanism(final HttpMessageContext httpMessageContext) {
final HttpServletRequest request = httpMessageContext.getRequest();
if (request.getRequestURI().endsWith("j_security_check")) {
return CDI.current().select(FormAuthenticationMechanism.class).get();
}
final String servletName = request.getHttpServletMapping().getServletName();
return servletAuthenticationMapper.getOrDefault(servletName, defaultAuthenticationMechanism);
}
Example #4
| Source File: DefaultAuthenticationMechanism.java From tomee with Apache License 2.0 | 4 votes |
|
void setDelegate(final HttpAuthenticationMechanism delegate) {
this.delegate = delegate;
}
