本文整理汇总了Java中io.undertow.security.api.SecurityContext类的典型用法代码示例。如果您正苦于以下问题:Java SecurityContext类的具体用法?Java SecurityContext怎么用?Java SecurityContext使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SecurityContext类属于io.undertow.security.api包,在下文中一共展示了SecurityContext类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: handleRequest
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
/**
* Only allow the request through if successfully authenticated or if authentication is not required.
*
* @see io.undertow.server.HttpHandler#handleRequest(io.undertow.server.HttpServerExchange)
*/
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
if(exchange.isInIoThread()) {
exchange.dispatch(this);
return;
}
SecurityContext context = exchange.getSecurityContext();
if (context.authenticate()) {
if(!exchange.isComplete()) {
next.handleRequest(exchange);
}
} else {
if(exchange.getResponseCode() >= StatusCodes.BAD_REQUEST && !exchange.isComplete()) {
ServletRequestContext src = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
src.getOriginalResponse().sendError(exchange.getResponseCode());
} else {
exchange.endExchange();
}
}
}
示例2: handleRequest
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
ServletRequest request = servletRequestContext.getServletRequest();
if (request.getDispatcherType() == DispatcherType.REQUEST) {
List<SingleConstraintMatch> constraints = servletRequestContext.getRequiredConstrains();
SecurityContext sc = exchange.getSecurityContext();
if (!authorizationManager.canAccessResource(constraints, sc.getAuthenticatedAccount(), servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo(), servletRequestContext.getOriginalRequest(), servletRequestContext.getDeployment())) {
HttpServletResponse response = (HttpServletResponse) servletRequestContext.getServletResponse();
response.sendError(StatusCodes.FORBIDDEN);
return;
}
}
next.handleRequest(exchange);
}
示例3: handleRequest
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
/**
* Only allow the request through if successfully authenticated or if authentication is not required.
*
* @see io.undertow.server.HttpHandler#handleRequest(io.undertow.server.HttpServerExchange)
*/
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
if(exchange.isInIoThread()) {
exchange.dispatch(this);
return;
}
SecurityContext context = exchange.getSecurityContext();
if (context.authenticate()) {
if(!exchange.isComplete()) {
next.handleRequest(exchange);
}
} else {
exchange.endExchange();
}
}
示例4: runCached
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
public AuthenticationMechanismOutcome runCached(final HttpServerExchange exchange, final SecurityContext securityContext, final AuthenticatedSessionManager sessionManager) {
AuthenticatedSession authSession = sessionManager.lookupSession(exchange);
if (authSession != null) {
Account account = securityContext.getIdentityManager().verify(authSession.getAccount());
if (account != null) {
securityContext.authenticationComplete(account, authSession.getMechanism(), false);
return AuthenticationMechanismOutcome.AUTHENTICATED;
} else {
sessionManager.clearSession(exchange);
// We know we had a previously authenticated account but for some reason the IdentityManager is no longer
// accepting it, we now
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
} else {
// It is possible an AuthenticatedSessionManager could have been available even if there was no chance of it
// loading a session.
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
}
示例5: authenticate
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
@Override
public boolean authenticate(final HttpServletResponse response) throws IOException, ServletException {
if (response.isCommitted()) {
throw UndertowServletMessages.MESSAGES.responseAlreadyCommited();
}
SecurityContext sc = exchange.getSecurityContext();
sc.setAuthenticationRequired();
// TODO: this will set the status code and headers without going through any potential
// wrappers, is this a problem?
if (sc.authenticate()) {
if (sc.isAuthenticated()) {
return true;
} else {
throw UndertowServletMessages.MESSAGES.authenticationFailed();
}
} else {
if(!exchange.isResponseStarted() && exchange.getResponseCode() == 200) {
throw UndertowServletMessages.MESSAGES.authenticationFailed();
} else {
return false;
}
}
}
示例6: handleRequest
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
/**
* Only allow the request through if successfully authenticated or if authentication is not required.
*
* @throws java.lang.Exception
* @see io.undertow.server.HttpHandler#handleRequest(io.undertow.server.HttpServerExchange)
*/
@Override
public void handleRequest(HttpServerExchange exchange, RequestContext context) throws Exception {
if(exchange.isInIoThread()) {
exchange.dispatch(this);
return;
}
SecurityContext rcontext = exchange.getSecurityContext();
if (rcontext.authenticate()) {
if(!exchange.isComplete()) {
next(exchange, context);
}
} else {
exchange.endExchange();
}
}
示例7: SecurityHandler
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
public SecurityHandler(HttpHandler next) {
if (NONE.equals(securityMode)) {
internalHandler = next::handleRequest;
} else {
final Map<String, char[]> users = new HashMap<>(2);
users.put("userOne", "passwordOne".toCharArray());
users.put("userTwo", "passwordTwo".toCharArray());
final IdentityManager identityManager = new MapIdentityManager(users);
internalHandler = addSecurity(exchange -> {
SecurityContext securityContext = exchange.getAttachment(SecurityContext.ATTACHMENT_KEY);
if (securityContext.isAuthenticated()) {
exchange.setResponseCode(FOUND);
exchange.endExchange();
} else {
next.handleRequest(exchange);
}
}, identityManager);
}
}
示例8: handleRequest
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
/**
* @see io.undertow.server.HttpHandler#handleRequest(io.undertow.server.HttpServerExchange)
*/
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
if (isAuthenticationRequired(exchange)) {
SecurityContext context = exchange.getSecurityContext();
context.setAuthenticationRequired();
}
next.handleRequest(exchange);
}
示例9: handleRequest
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
/**
* @see io.undertow.server.HttpHandler#handleRequest(io.undertow.server.HttpServerExchange)
*/
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
SecurityContext newContext = this.contextFactory.createSecurityContext(exchange, authenticationMode, identityManager,
programaticMechName);
SecurityActions.setSecurityContext(exchange, newContext);
next.handleRequest(exchange);
}
示例10: handleRequest
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
final SecurityContext sc = exchange.getSecurityContext();
if(sc != null) {
for(AuthenticationMechanism mechanism : authenticationMechanisms) {
sc.addAuthenticationMechanism(mechanism);
}
}
next.handleRequest(exchange);
}
示例11: setSecurityContext
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
static void setSecurityContext(final HttpServerExchange exchange, final SecurityContext securityContext) {
if (System.getSecurityManager() == null) {
exchange.setSecurityContext(securityContext);
} else {
AccessController.doPrivileged(new PrivilegedAction<Object>() {
@Override
public Object run() {
exchange.setSecurityContext(securityContext);
return null;
}
});
}
}
示例12: handleRequest
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
SecurityContext sc = exchange.getSecurityContext();
for (NotificationReceiver receiver : receivers) {
sc.registerNotificationReceiver(receiver);
}
next.handleRequest(exchange);
}
示例13: authenticate
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
String principal = exchange.getAttachment(EXTERNAL_PRINCIPAL);
if(principal == null) {
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
Account account = securityContext.getIdentityManager().verify(principal, ExternalCredential.INSTANCE);
if(account == null) {
return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
}
String name = exchange.getAttachment(EXTERNAL_AUTHENTICATION_TYPE);
securityContext.authenticationComplete(account, name != null ? name: this.name, false);
return AuthenticationMechanismOutcome.AUTHENTICATED;
}
示例14: wrap
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
@Override
public StreamSinkConduit wrap(ConduitFactory<StreamSinkConduit> factory, HttpServerExchange exchange) {
SecurityContext sc = exchange.getSecurityContext();
Account account = sc.getAuthenticatedAccount();
if (account != null) {
try (SingleSignOn sso = manager.createSingleSignOn(account, sc.getMechanismName())) {
Session session = getSession(exchange);
registerSessionIfRequired(sso, session);
exchange.getResponseCookies().put(cookieName, new CookieImpl(cookieName, sso.getId()).setHttpOnly(httpOnly).setSecure(secure).setDomain(domain).setPath(path));
}
}
return factory.create();
}
示例15: authenticate
import io.undertow.security.api.SecurityContext; //导入依赖的package包/类
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
AuthenticatedSessionManager sessionManager = exchange.getAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY);
if (sessionManager != null) {
return runCached(exchange, securityContext, sessionManager);
} else {
return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
}