Package io.undertow.security.impl

Class GenericHeaderAuthenticationMechanism

java.lang.Object

io.undertow.security.impl.GenericHeaderAuthenticationMechanism

All Implemented Interfaces:

AuthenticationMechanism

public class GenericHeaderAuthenticationMechanism
extends java.lang.Object
implements AuthenticationMechanism

A authentication mechanism that requires the presence of two headers in the request. One of these will be used as a principal and the other as a password credential.

Author:

Stuart Douglas

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	GenericHeaderAuthenticationMechanism.Factory

Nested classes/interfaces inherited from interface io.undertow.security.api.AuthenticationMechanism

AuthenticationMechanism.AuthenticationMechanismOutcome, AuthenticationMechanism.ChallengeResult

Field Summary

Fields

Modifier and Type	Field	Description
static java.lang.String	IDENTITY_HEADER
static java.lang.String	NAME
static java.lang.String	SESSION_HEADER

Constructor Summary

Constructors

Constructor	Description
GenericHeaderAuthenticationMechanism(java.lang.String mechanismName, java.util.List<HttpString> identityHeaders, java.util.List<java.lang.String> sessionCookieNames, IdentityManager identityManager)

Method Summary

Modifier and Type	Method	Description
AuthenticationMechanism.AuthenticationMechanismOutcome	authenticate(HttpServerExchange exchange, SecurityContext securityContext)	Perform authentication of the request.
AuthenticationMechanism.ChallengeResult	sendChallenge(HttpServerExchange exchange, SecurityContext securityContext)	Send an authentication challenge to the remote client.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

NAME

public static final java.lang.String NAME

See Also:

Constant Field Values

IDENTITY_HEADER

public static final java.lang.String IDENTITY_HEADER

See Also:

Constant Field Values

SESSION_HEADER

public static final java.lang.String SESSION_HEADER

See Also:

Constant Field Values

Constructor Detail

GenericHeaderAuthenticationMechanism

public GenericHeaderAuthenticationMechanism(java.lang.String mechanismName,
                                            java.util.List<HttpString> identityHeaders,
                                            java.util.List<java.lang.String> sessionCookieNames,
                                            IdentityManager identityManager)

Method Detail

authenticate

public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange,
                                                                           SecurityContext securityContext)

Description copied from interface: AuthenticationMechanism

Perform authentication of the request. Any potentially blocking work should be performed in the handoff executor provided

Specified by:

authenticate in interface AuthenticationMechanism

Parameters:

exchange - The exchange

Returns:

sendChallenge

public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange exchange,
                                                             SecurityContext securityContext)

Description copied from interface: AuthenticationMechanism

Send an authentication challenge to the remote client.

The individual mechanisms should update the response headers and body of the message as appropriate however they should not set the response code, instead that should be indicated in the AuthenticationMechanism.ChallengeResult and the most appropriate overall response code will be selected. This method should not return null.

Specified by:

sendChallenge in interface AuthenticationMechanism

Parameters:

exchange - The exchange

securityContext - The security context

Returns:

A AuthenticationMechanism.ChallengeResult indicating if a challenge was sent and the desired response code.