Package io.undertow.security.impl

Class AbstractSecurityContext

    • Constructor Detail

      • AbstractSecurityContext

        protected AbstractSecurityContext​(HttpServerExchange exchange)

    • Method Detail

      • setAuthenticationRequired

        public void setAuthenticationRequired()
        Description copied from interface: SecurityContext
        Marks this request as requiring authentication. Authentication challenge headers will only be sent if this method has been called. If SecurityContext.authenticate() is called without first calling this method then the request will continue as normal even if the authentication was not successful.
        Specified by:
        setAuthenticationRequired in interface SecurityContext

      • isAuthenticationRequired

        public boolean isAuthenticationRequired()
        Description copied from interface: SecurityContext
        Returns true if authentication is required
        Specified by:
        isAuthenticationRequired in interface SecurityContext
        Returns:
        true If authentication is required

      • isAuthenticated

        public boolean isAuthenticated()
        Specified by:
        isAuthenticated in interface SecurityContext
        Returns:
        true if a user has been authenticated for this request, false otherwise.

      • getMechanismName

        public java.lang.String getMechanismName()
        Specified by:
        getMechanismName in interface SecurityContext
        Returns:
        The name of the mechanism used to authenticate the request.

      • authenticationComplete

        public void authenticationComplete​(Account account,
                                   java.lang.String mechanism,
                                   boolean cachingRequired)
        Description copied from interface: SecurityContext
        Called by the AuthenticationMechanism to indicate that an account has been successfully authenticated. Note: A successful verification of an account using the IdentityManager is not the same as a successful authentication decision, other factors could be taken into account to make the final decision.
        Specified by:
        authenticationComplete in interface SecurityContext
        Parameters:
        account - - The authenticated Account
        mechanism - - The name of the mechanism used to authenticate the account.
        cachingRequired - - If this mechanism requires caching

      • authenticationComplete

        protected void authenticationComplete​(Account account,
                                      java.lang.String mechanism,
                                      boolean programatic,
                                      boolean cachingRequired)

      • authenticationFailed

        public void authenticationFailed​(java.lang.String message,
                                 java.lang.String mechanism)
        Description copied from interface: SecurityContext
        Called by the AuthenticationMechanism to indicate that an authentication attempt has failed. This should only be called where an authentication attempt has truly failed, for authentication mechanisms where an additional round trip with the client is expected this should not be called. Where possible the failure message should contain the name of the identity that authentication was being attempted for, however as this is not always possible to identify in advance a generic message may be all that can be reported.
        Specified by:
        authenticationFailed in interface SecurityContext
        Parameters:
        message - - The message describing the failure.
        mechanism - - The name of the mechanism reporting the failure.