Package io.undertow.security.impl

Class FormAuthenticationMechanism

java.lang.Object

io.undertow.security.impl.FormAuthenticationMechanism

All Implemented Interfaces:

AuthenticationMechanism

public class FormAuthenticationMechanism
extends java.lang.Object
implements AuthenticationMechanism

Author:

Stuart Douglas

Nested Class Summary

Nested classes/interfaces inherited from interface io.undertow.security.api.AuthenticationMechanism

AuthenticationMechanism.AuthenticationMechanismOutcome, AuthenticationMechanism.ChallengeResult

Field Summary

Fields

Modifier and Type	Field	Description
protected int	authenticationSessionTimeout	If the authentication process creates a session, this is the maximum session timeout (in seconds) during the authentication process.
static java.lang.String	DEFAULT_POST_LOCATION
static java.lang.String	LOCATION_ATTRIBUTE
protected static java.lang.String	ORIGINAL_SESSION_TIMEOUT

Constructor Summary

Constructors

Constructor	Description
FormAuthenticationMechanism(FormParserFactory formParserFactory, java.lang.String name, java.lang.String loginPage, java.lang.String errorPage)
FormAuthenticationMechanism(FormParserFactory formParserFactory, java.lang.String name, java.lang.String loginPage, java.lang.String errorPage, IdentityManager identityManager)
FormAuthenticationMechanism(FormParserFactory formParserFactory, java.lang.String name, java.lang.String loginPage, java.lang.String errorPage, java.lang.String postLocation)
FormAuthenticationMechanism(FormParserFactory formParserFactory, java.lang.String name, java.lang.String loginPage, java.lang.String errorPage, java.lang.String postLocation, IdentityManager identityManager)
FormAuthenticationMechanism(java.lang.String name, java.lang.String loginPage, java.lang.String errorPage)
FormAuthenticationMechanism(java.lang.String name, java.lang.String loginPage, java.lang.String errorPage, java.lang.String postLocation)

Method Summary

Modifier and Type	Method	Description
AuthenticationMechanism.AuthenticationMechanismOutcome	authenticate(HttpServerExchange exchange, SecurityContext securityContext)	Perform authentication of the request.
protected void	handleRedirectBack(HttpServerExchange exchange)
protected void	restoreOriginalSessionTimeout(HttpServerExchange exchange)
protected void	restoreOriginalSessionTimeout(Session session)
AuthenticationMechanism.AuthenticationMechanismOutcome	runFormAuth(HttpServerExchange exchange, SecurityContext securityContext)
AuthenticationMechanism.ChallengeResult	sendChallenge(HttpServerExchange exchange, SecurityContext securityContext)	Send an authentication challenge to the remote client.
protected java.lang.Integer	servePage(HttpServerExchange exchange, java.lang.String location)
protected void	storeInitialLocation(HttpServerExchange exchange)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOCATION_ATTRIBUTE

public static final java.lang.String LOCATION_ATTRIBUTE

DEFAULT_POST_LOCATION

public static final java.lang.String DEFAULT_POST_LOCATION

See Also:

Constant Field Values

ORIGINAL_SESSION_TIMEOUT

protected static final java.lang.String ORIGINAL_SESSION_TIMEOUT

See Also:

Constant Field Values

authenticationSessionTimeout

protected final int authenticationSessionTimeout

If the authentication process creates a session, this is the maximum session timeout (in seconds) during the authentication process. Once authentication is complete, the default session timeout will apply. Sessions that exist before the authentication process starts will retain their original session timeout throughout.

See Also:

Constant Field Values

Constructor Detail

FormAuthenticationMechanism

public FormAuthenticationMechanism(java.lang.String name,
                                   java.lang.String loginPage,
                                   java.lang.String errorPage)

FormAuthenticationMechanism

public FormAuthenticationMechanism(java.lang.String name,
                                   java.lang.String loginPage,
                                   java.lang.String errorPage,
                                   java.lang.String postLocation)

FormAuthenticationMechanism

public FormAuthenticationMechanism(FormParserFactory formParserFactory,
                                   java.lang.String name,
                                   java.lang.String loginPage,
                                   java.lang.String errorPage)

FormAuthenticationMechanism

public FormAuthenticationMechanism(FormParserFactory formParserFactory,
                                   java.lang.String name,
                                   java.lang.String loginPage,
                                   java.lang.String errorPage,
                                   IdentityManager identityManager)

FormAuthenticationMechanism

public FormAuthenticationMechanism(FormParserFactory formParserFactory,
                                   java.lang.String name,
                                   java.lang.String loginPage,
                                   java.lang.String errorPage,
                                   java.lang.String postLocation)

FormAuthenticationMechanism

public FormAuthenticationMechanism(FormParserFactory formParserFactory,
                                   java.lang.String name,
                                   java.lang.String loginPage,
                                   java.lang.String errorPage,
                                   java.lang.String postLocation,
                                   IdentityManager identityManager)

Method Detail

authenticate

public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange,
                                                                           SecurityContext securityContext)

Description copied from interface: AuthenticationMechanism

Perform authentication of the request. Any potentially blocking work should be performed in the handoff executor provided

Specified by:

authenticate in interface AuthenticationMechanism

Parameters:

exchange - The exchange

Returns:

runFormAuth

public AuthenticationMechanism.AuthenticationMechanismOutcome runFormAuth(HttpServerExchange exchange,
                                                                          SecurityContext securityContext)

handleRedirectBack

protected void handleRedirectBack(HttpServerExchange exchange)

restoreOriginalSessionTimeout

protected void restoreOriginalSessionTimeout(HttpServerExchange exchange)

restoreOriginalSessionTimeout

protected void restoreOriginalSessionTimeout(Session session)

sendChallenge

public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange exchange,
                                                             SecurityContext securityContext)

Description copied from interface: AuthenticationMechanism

Send an authentication challenge to the remote client.

The individual mechanisms should update the response headers and body of the message as appropriate however they should not set the response code, instead that should be indicated in the AuthenticationMechanism.ChallengeResult and the most appropriate overall response code will be selected. This method should not return null.

Specified by:

sendChallenge in interface AuthenticationMechanism

Parameters:

exchange - The exchange

securityContext - The security context

Returns:

A AuthenticationMechanism.ChallengeResult indicating if a challenge was sent and the desired response code.

storeInitialLocation

protected void storeInitialLocation(HttpServerExchange exchange)

servePage

protected java.lang.Integer servePage(HttpServerExchange exchange,
                                      java.lang.String location)