KeycloakAuthenticatorValve (Keycloak 1.1.0.Beta1 API)

java.lang.Object
- org.apache.catalina.util.LifecycleBase
- - org.apache.catalina.util.LifecycleMBeanBase
  - - org.apache.catalina.valves.ValveBase
    - - org.apache.catalina.authenticator.AuthenticatorBase
      - org.apache.catalina.authenticator.FormAuthenticator
        
        org.keycloak.adapters.as7.KeycloakAuthenticatorValve

All Implemented Interfaces:

MBeanRegistration, org.apache.catalina.Authenticator, org.apache.catalina.Contained, org.apache.catalina.Lifecycle, org.apache.catalina.LifecycleListener, org.apache.catalina.Valve
```
public class KeycloakAuthenticatorValve
extends org.apache.catalina.authenticator.FormAuthenticator
implements org.apache.catalina.LifecycleListener
```
Web deployment whose security is managed by a remote OAuth Skeleton Key authentication server
Redirects browser to remote authentication server if not logged in. Also allows OAuth Bearer Token requests that contain a Skeleton Key bearer tokens.

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields
Modifier and Type	Field and Description
`protected AdapterDeploymentContext`	`deploymentContext`
`protected NodesRegistrationManagement`	`nodesRegistrationManagement`
`static String`	`TOKEN_STORE_NOTE`
`protected CatalinaUserSessionManagement`	`userSessionManagement`

Fields inherited from class org.apache.catalina.authenticator.FormAuthenticator
characterEncoding, info, landingPage

Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase
alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sessionIdGenerator, sm, sso

Fields inherited from class org.apache.catalina.valves.ValveBase
asyncSupported, container, containerLog, next

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
mserver

Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

Constructors
Constructor and Description

KeycloakAuthenticatorValve()

Constructors
Constructor and Description
`KeycloakAuthenticatorValve()`

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`authenticate(org.apache.catalina.connector.Request request, javax.servlet.http.HttpServletResponse response, org.apache.catalina.deploy.LoginConfig config)`
`protected void`	`beforeStop()`
`protected void`	`checkKeycloakSession(org.apache.catalina.connector.Request request, HttpFacade facade)` Checks that access token is still valid.
`protected AdapterTokenStore`	`getTokenStore(org.apache.catalina.connector.Request request, HttpFacade facade, KeycloakDeployment resolvedDeployment)`
`protected void`	`init()`
`void`	`invoke(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response)`
`boolean`	`keycloakRestoreRequest(org.apache.catalina.connector.Request request)`
`void`	`keycloakSaveRequest(org.apache.catalina.connector.Request request)`
`void`	`lifecycleEvent(org.apache.catalina.LifecycleEvent event)`
`void`	`logout(org.apache.catalina.connector.Request request)`
`void`	`start()`

Methods inherited from class org.apache.catalina.authenticator.FormAuthenticator
forwardToErrorPage, forwardToLoginPage, getAuthMethod, getCharacterEncoding, getInfo, getLandingPage, matchRequest, restoreRequest, savedRequestURL, saveRequest, setCharacterEncoding, setLandingPage

Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase
associate, authenticate, doLogin, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, login, reauthenticateFromSSO, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, startInternal, stopInternal

Methods inherited from class org.apache.catalina.valves.ValveBase
backgroundProcess, event, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toString

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister

Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, removeLifecycleListener, setState, setState, stop

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

TOKEN_STORE_NOTE

public static final String TOKEN_STORE_NOTE

See Also:: Constant Field Values

userSessionManagement

protected CatalinaUserSessionManagement userSessionManagement

deploymentContext

protected AdapterDeploymentContext deploymentContext

nodesRegistrationManagement

protected NodesRegistrationManagement nodesRegistrationManagement

Constructor Detail
- KeycloakAuthenticatorValve
```
public KeycloakAuthenticatorValve()
```

Method Detail

start
```
public void start()
           throws org.apache.catalina.LifecycleException
```
Specified by:

start in interface org.apache.catalina.Lifecycle

Overrides:

start in class org.apache.catalina.util.LifecycleBase

Throws:

org.apache.catalina.LifecycleException

logout
```
public void logout(org.apache.catalina.connector.Request request)
            throws javax.servlet.ServletException
```
Specified by:

logout in interface org.apache.catalina.Authenticator

Overrides:

logout in class org.apache.catalina.authenticator.AuthenticatorBase

Throws:

javax.servlet.ServletException

lifecycleEvent
```
public void lifecycleEvent(org.apache.catalina.LifecycleEvent event)
```
Specified by:

lifecycleEvent in interface org.apache.catalina.LifecycleListener

init
```
protected void init()
```
Specified by:

init in interface org.apache.catalina.Lifecycle

Overrides:

init in class org.apache.catalina.util.LifecycleBase

beforeStop
```
protected void beforeStop()
```

invoke

public void invoke(org.apache.catalina.connector.Request request,
          org.apache.catalina.connector.Response response)
            throws IOException,
                   javax.servlet.ServletException

Specified by:: invoke in interface org.apache.catalina.Valve
Overrides:: invoke in class org.apache.catalina.authenticator.AuthenticatorBase
Throws:: IOException; javax.servlet.ServletException

authenticate

public boolean authenticate(org.apache.catalina.connector.Request request,
                   javax.servlet.http.HttpServletResponse response,
                   org.apache.catalina.deploy.LoginConfig config)
                     throws IOException

Specified by:: authenticate in interface org.apache.catalina.Authenticator
Overrides:: authenticate in class org.apache.catalina.authenticator.FormAuthenticator
Throws:: IOException

checkKeycloakSession

protected void checkKeycloakSession(org.apache.catalina.connector.Request request,
                        HttpFacade facade)

Checks that access token is still valid. Will attempt refresh of token if it is not.

Parameters:: request -

keycloakSaveRequest

public void keycloakSaveRequest(org.apache.catalina.connector.Request request)
                         throws IOException

Throws:: IOException

keycloakRestoreRequest

public boolean keycloakRestoreRequest(org.apache.catalina.connector.Request request)

getTokenStore

protected AdapterTokenStore getTokenStore(org.apache.catalina.connector.Request request,
                              HttpFacade facade,
                              KeycloakDeployment resolvedDeployment)

Class KeycloakAuthenticatorValve

Field Summary

Fields inherited from class org.apache.catalina.authenticator.FormAuthenticator

Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase

Fields inherited from class org.apache.catalina.valves.ValveBase

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase

Fields inherited from interface org.apache.catalina.Lifecycle

Constructor Summary

Method Summary

Methods inherited from class org.apache.catalina.authenticator.FormAuthenticator

Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase

Methods inherited from class org.apache.catalina.valves.ValveBase

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase

Methods inherited from class org.apache.catalina.util.LifecycleBase

Methods inherited from class java.lang.Object

Field Detail

TOKEN_STORE_NOTE

userSessionManagement

deploymentContext

nodesRegistrationManagement

Constructor Detail

KeycloakAuthenticatorValve

Method Detail

start

logout

lifecycleEvent

init

beforeStop

invoke

authenticate

checkKeycloakSession

keycloakSaveRequest

keycloakRestoreRequest

getTokenStore