Package io.undertow.security.impl
Class SecurityContextImpl
- java.lang.Object
-
- io.undertow.security.impl.AbstractSecurityContext
-
- io.undertow.security.impl.SecurityContextImpl
-
- All Implemented Interfaces:
AuthenticationMechanismContext,SecurityContext
public class SecurityContextImpl extends AbstractSecurityContext implements AuthenticationMechanismContext
The internal SecurityContext used to hold the state of security for the current exchange.- Author:
- Darran Lofthouse, Stuart Douglas
-
-
Field Summary
-
Fields inherited from class io.undertow.security.impl.AbstractSecurityContext
exchange
-
-
Constructor Summary
Constructors Constructor Description SecurityContextImpl(HttpServerExchange exchange, AuthenticationMode authenticationMode, IdentityManager identityManager)SecurityContextImpl(HttpServerExchange exchange, IdentityManager identityManager)
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description voidaddAuthenticationMechanism(AuthenticationMechanism handler)Adds an authentication mechanism to this context.booleanauthenticate()Performs authentication on the request.List<AuthenticationMechanism>getAuthenticationMechanisms()Deprecated.IdentityManagergetIdentityManager()Deprecated.booleanlogin(String username, String password)Attempts to log the user in using the provided credentials.voidlogout()de-authenticates the current exchange.voidsetProgramaticMechName(String programaticMechName)Set the name of the mechanism used for authentication to be reported if authentication was handled programatically.-
Methods inherited from class io.undertow.security.impl.AbstractSecurityContext
authenticationComplete, authenticationComplete, authenticationFailed, getAuthenticatedAccount, getMechanismName, isAuthenticated, isAuthenticationRequired, registerNotificationReceiver, removeNotificationReceiver, setAuthenticationRequired
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface io.undertow.security.api.SecurityContext
authenticationComplete, authenticationFailed, getAuthenticatedAccount, getMechanismName, isAuthenticated, isAuthenticationRequired, registerNotificationReceiver, removeNotificationReceiver, setAuthenticationRequired
-
-
-
-
Constructor Detail
-
SecurityContextImpl
public SecurityContextImpl(HttpServerExchange exchange, IdentityManager identityManager)
-
SecurityContextImpl
public SecurityContextImpl(HttpServerExchange exchange, AuthenticationMode authenticationMode, IdentityManager identityManager)
-
-
Method Detail
-
authenticate
public boolean authenticate()
Description copied from interface:SecurityContextPerforms authentication on the request. If authentication is REQUIRED then setAuthenticationRequired() should be called before calling this method. If the result indicates that a response has been sent to the client then no further attempts should be made to modify the response. The caller of this method is responsible for ending the exchange. If this method returnstrueit can still have committed the response (e.g. form auth redirects back to the original page). Callers should check that the exchange has not been ended before proceeding.- Specified by:
authenticatein interfaceSecurityContext- Returns:
trueif either the request is successfully authenticated or if there is no failure validating the current request so that the request should continue to be processed,falseif authentication was not completed and challenge has been prepared for the client.
-
setProgramaticMechName
public void setProgramaticMechName(String programaticMechName)
Set the name of the mechanism used for authentication to be reported if authentication was handled programatically.- Parameters:
programaticMechName-
-
addAuthenticationMechanism
public void addAuthenticationMechanism(AuthenticationMechanism handler)
Description copied from interface:AuthenticationMechanismContextAdds an authentication mechanism to this context. WhenSecurityContext.authenticate()is called mechanisms will be iterated over in the order they are added, and given a chance to authenticate the user.- Specified by:
addAuthenticationMechanismin interfaceAuthenticationMechanismContext- Specified by:
addAuthenticationMechanismin interfaceSecurityContext- Parameters:
handler- The mechanism to add
-
getAuthenticationMechanisms
@Deprecated public List<AuthenticationMechanism> getAuthenticationMechanisms()
Deprecated.- Specified by:
getAuthenticationMechanismsin interfaceSecurityContext- Returns:
- A list of all authentication mechanisms in this context
-
getIdentityManager
@Deprecated public IdentityManager getIdentityManager()
Deprecated.Description copied from interface:SecurityContextObtain the associatedIdentityManagerto use to make account verification decisions.- Specified by:
getIdentityManagerin interfaceSecurityContext- Returns:
- The associated
IdentityManager
-
login
public boolean login(String username, String password)
Description copied from interface:SecurityContextAttempts to log the user in using the provided credentials. This result will be stored in the currentAuthenticatedSessionManager(if any), so subsequent requests will automatically be authenticated as this user.This operation may block
- Specified by:
loginin interfaceSecurityContext- Parameters:
username- The usernamepassword- The password- Returns:
trueif the login succeeded, false otherwise
-
logout
public void logout()
Description copied from interface:SecurityContextde-authenticates the current exchange.- Specified by:
logoutin interfaceSecurityContext- Overrides:
logoutin classAbstractSecurityContext
-
-