本文整理汇总了Java中javax.security.enterprise.identitystore.CredentialValidationResult.getStatus方法的典型用法代码示例。如果您正苦于以下问题:Java CredentialValidationResult.getStatus方法的具体用法?Java CredentialValidationResult.getStatus怎么用?Java CredentialValidationResult.getStatus使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.security.enterprise.identitystore.CredentialValidationResult
的用法示例。
在下文中一共展示了CredentialValidationResult.getStatus方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
String token = authorizationHeader.substring(BEARER.length());
JWTCredential credential = tokenHandler.retrieveCredential(token);
if (credential == null) {
httpMessageContext.responseUnauthorized();
}
CredentialValidationResult result = identityStoreHandler.validate(credential);
if (result.getStatus() == VALID) {
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.responseUnauthorized();
}
示例2: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthException {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
String token = authorizationHeader.substring(BEARER.length());
JWTCredential credential = tokenHandler.retrieveCredential(token);
CredentialValidationResult result = identityStore.validate(credential);
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
throw new AuthException("Login failed");
}
}
return httpMessageContext.doNothing();
}
示例3: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getParameter("login:username") != null && request.getParameter("login:password") != null) {
String name = request.getParameter("login:username");
Password password = new Password(request.getParameter("login:password"));
CredentialValidationResult result = identityStore.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}
示例4: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest req, HttpServletResponse res, HttpMessageContext context) {
CredentialValidationResult result = idStoreHandler.validate(
new UsernamePasswordCredential(
req.getParameter("name"), req.getParameter("password")));
if (result.getStatus() == VALID) {
return context.notifyContainerAboutLogin(result);
} else {
return context.responseUnauthorized();
}
}
示例5: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext context) {
LOGGER.log(Level.INFO, "validateRequest: {0}", request.getRequestURI());
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly insecure
String name = request.getParameter("username");
String password = request.getParameter("password");
String token = extractToken(context);
if (name != null && password != null
&& "POST".equals(request.getMethod())
&& request.getRequestURI().endsWith("/auth/login")) {
LOGGER.log(Level.INFO, "user credentials : {0}, {1}", new String[]{name, password});
// validation of the credential using the identity store
CredentialValidationResult result = identityStoreHandler.validate(new UsernamePasswordCredential(name, password));
if (result.getStatus() == CredentialValidationResult.Status.VALID) {
// Communicate the details of the authenticated user to the container and return SUCCESS.
return createToken(result, context);
}
// if the authentication failed, we return the unauthorized status in the http response
return context.responseUnauthorized();
} else if (token != null) {
// validation of the jwt credential
return validateToken(token, context);
} else if (context.isProtected()) {
// A protected resource is a resource for which a constraint has been defined.
// if there are no credentials and the resource is protected, we response with unauthorized status
return context.responseUnauthorized();
}
// there are no credentials AND the resource is not protected,
// SO Instructs the container to "do nothing"
return context.doNothing();
}
示例6: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
final String name = request.getParameter("name");
final String pwd = request.getParameter("password");
if (name != null && pwd != null ) {
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly
// insecure
Password password = new Password(pwd);
// Delegate the {credentials in -> identity data out} function to
// the Identity Store
CredentialValidationResult result = identityStoreHandler.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
}
return httpMessageContext.responseUnauthorized();
}
return httpMessageContext.doNothing();
}
示例7: validateRequest
import javax.security.enterprise.identitystore.CredentialValidationResult; //导入方法依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getParameter("name") != null && request.getParameter("password") != null) {
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly
// insecure
String name = request.getParameter("name");
Password password = new Password(request.getParameter("password"));
// Delegate the {credentials in -> identity data out} function to
// the Identity Store
CredentialValidationResult result = identityStore.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}