本文整理汇总了Java中javax.security.enterprise.authentication.mechanism.http.HttpMessageContext.notifyContainerAboutLogin方法的典型用法代码示例。如果您正苦于以下问题:Java HttpMessageContext.notifyContainerAboutLogin方法的具体用法?Java HttpMessageContext.notifyContainerAboutLogin怎么用?Java HttpMessageContext.notifyContainerAboutLogin使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.security.enterprise.authentication.mechanism.http.HttpMessageContext
的用法示例。
在下文中一共展示了HttpMessageContext.notifyContainerAboutLogin方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response,
HttpMessageContext httpMessageContext) throws AuthenticationException {
// ...
String name = request.getParameter("name");
String password = request.getParameter("password");
if (name != null && password != null) {
CredentialValidationResult result = identityStoreHandler.validate(new UsernamePasswordCredential(name, password));
return httpMessageContext.notifyContainerAboutLogin(result);
}
return httpMessageContext.doNothing();
}
开发者ID:PacktPublishing,项目名称:Architecting-Modern-Java-EE-Applications,代码行数:17,代码来源:TestAuthenticationMechanism.java
示例2: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
String token = authorizationHeader.substring(BEARER.length());
JWTCredential credential = tokenHandler.retrieveCredential(token);
if (credential == null) {
httpMessageContext.responseUnauthorized();
}
CredentialValidationResult result = identityStoreHandler.validate(credential);
if (result.getStatus() == VALID) {
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.responseUnauthorized();
}
示例3: validateToken
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
/**
* To validate the JWT token e.g Signature check, JWT claims check(expiration) etc
*
* @param token The JWT access tokens
* @param context
* @return the AuthenticationStatus to notify the container
*/
private AuthenticationStatus validateToken(String token, HttpMessageContext context) {
try {
if (tokenProvider.validateToken(token)) {
JwtCredential credential = tokenProvider.getCredential(token);
//fire an @Authenticated CDI event.
authenticatedEvent.fire(new UserInfo(credential.getPrincipal(), credential.getAuthorities()));
return context.notifyContainerAboutLogin(credential.getPrincipal(), credential.getAuthorities());
}
// if token invalid, response with unauthorized status
return context.responseUnauthorized();
} catch (ExpiredJwtException eje) {
LOGGER.log(Level.INFO, "Security exception for user {0} - {1}", new String[]{eje.getClaims().getSubject(), eje.getMessage()});
return context.responseUnauthorized();
}
}
示例4: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthException {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
String token = authorizationHeader.substring(BEARER.length());
JWTCredential credential = tokenHandler.retrieveCredential(token);
CredentialValidationResult result = identityStore.validate(credential);
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
throw new AuthException("Login failed");
}
}
return httpMessageContext.doNothing();
}
示例5: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getHeader("MY-API-KEY") != null && request.getHeader("MY-API-KEY") != null) {
final String key = request.getHeader("MY-API-KEY");
if (key != null && key.equalsIgnoreCase("DUKE ROCKS")) {
return httpMessageContext.notifyContainerAboutLogin(
"app", new HashSet<>(asList("foo")));
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}
示例6: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getParameter("login:username") != null && request.getParameter("login:password") != null) {
String name = request.getParameter("login:username");
Password password = new Password(request.getParameter("login:password"));
CredentialValidationResult result = identityStore.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}
示例7: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(
HttpServletRequest request,
HttpServletResponse response,
HttpMessageContext context) throws AuthenticationException {
Credential credential = context.getAuthParameters().getCredential();
if (credential != null) {
return context.notifyContainerAboutLogin(identityStore.validate(credential));
} else {
return context.doNothing();
}
}
示例8: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest req, HttpServletResponse res, HttpMessageContext context) {
CredentialValidationResult result = idStoreHandler.validate(
new UsernamePasswordCredential(
req.getParameter("name"), req.getParameter("password")));
if (result.getStatus() == VALID) {
return context.notifyContainerAboutLogin(result);
} else {
return context.responseUnauthorized();
}
}
示例9: createToken
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
/**
* Create the JWT using CredentialValidationResult received from IdentityStoreHandler
*
* @param result the result from validation of UsernamePasswordCredential
* @param context
* @return the AuthenticationStatus to notify the container
*/
private AuthenticationStatus createToken(CredentialValidationResult result, HttpMessageContext context) {
if (!isRememberMe(context)) {
String jwt = tokenProvider.createToken(result.getCallerPrincipal().getName(), result.getCallerGroups(), false);
context.getResponse().setHeader(HttpHeaders.AUTHORIZATION, AUTHORIZATION_PREFIX + jwt);
}
//fire an @Authenticated CDI event.
authenticatedEvent.fire(new UserInfo(result.getCallerPrincipal().getName(), result.getCallerGroups()));
return context.notifyContainerAboutLogin(result.getCallerPrincipal(), result.getCallerGroups());
}
示例10: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
final String name = request.getParameter("name");
final String pwd = request.getParameter("password");
if (name != null && pwd != null ) {
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly
// insecure
Password password = new Password(pwd);
// Delegate the {credentials in -> identity data out} function to
// the Identity Store
CredentialValidationResult result = identityStoreHandler.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
}
return httpMessageContext.responseUnauthorized();
}
return httpMessageContext.doNothing();
}
示例11: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getParameter("name") != null && request.getParameter("password") != null) {
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly
// insecure
String name = request.getParameter("name");
Password password = new Password(request.getParameter("password"));
// Delegate the {credentials in -> identity data out} function to
// the Identity Store
CredentialValidationResult result = identityStore.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}