Package org.openremote.container.security.basic

Class BasicIdentityProvider.BasicFixAuthenticationMechanism

java.lang.Object
io.undertow.security.impl.BasicAuthenticationMechanism
org.openremote.container.security.basic.BasicIdentityProvider.BasicFixAuthenticationMechanism
All Implemented Interfaces:
io.undertow.security.api.AuthenticationMechanism
Enclosing class:
BasicIdentityProvider
protected static class BasicIdentityProvider.BasicFixAuthenticationMechanism extends io.undertow.security.impl.BasicAuthenticationMechanism
This is a fix for BasicAuthenticationMechanism which doesn't conform to RFC2617. see: https://issues.redhat.com/browse/UNDERTOW-1727

When no Headers.AUTHORIZATION header is supplied then a 401 is returned with Headers.WWW_AUTHENTICATE header unless silent is true in which case a 403 will be returned.

When an Headers.AUTHORIZATION header is supplied and is valid then the request can proceed otherwise a 403 is returned.

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    protected static class 
    BasicIdentityProvider.BasicFixAuthenticationMechanism.Factory
     

    Nested classes/interfaces inherited from interface io.undertow.security.api.AuthenticationMechanism

    io.undertow.security.api.AuthenticationMechanism.AuthenticationMechanismOutcome, io.undertow.security.api.AuthenticationMechanism.ChallengeResult

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static BasicIdentityProvider.BasicFixAuthenticationMechanism.Factory
    FACTORY
     

    Fields inherited from class io.undertow.security.impl.BasicAuthenticationMechanism

    CHARSET, SILENT, USER_AGENT_CHARSETS

  • Constructor Summary

    Constructors
    Constructor
    Description
    BasicFixAuthenticationMechanism(String realmName, String mechanismName, boolean silent, io.undertow.security.idm.IdentityManager identityManager, Charset charset, Map<Pattern,Charset> userAgentCharsets)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    io.undertow.security.api.AuthenticationMechanism.AuthenticationMechanismOutcome
    authenticate(io.undertow.server.HttpServerExchange exchange, io.undertow.security.api.SecurityContext securityContext)
     
    io.undertow.security.api.AuthenticationMechanism.ChallengeResult
    sendChallenge(io.undertow.server.HttpServerExchange exchange, io.undertow.security.api.SecurityContext securityContext)
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • BasicFixAuthenticationMechanism

      public BasicFixAuthenticationMechanism(String realmName, String mechanismName, boolean silent, io.undertow.security.idm.IdentityManager identityManager, Charset charset, Map<Pattern,Charset> userAgentCharsets)

  • Method Details

    • authenticate

      public io.undertow.security.api.AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(io.undertow.server.HttpServerExchange exchange, io.undertow.security.api.SecurityContext securityContext)
      Specified by:
      authenticate in interface io.undertow.security.api.AuthenticationMechanism
      Overrides:
      authenticate in class io.undertow.security.impl.BasicAuthenticationMechanism

    • sendChallenge

      public io.undertow.security.api.AuthenticationMechanism.ChallengeResult sendChallenge(io.undertow.server.HttpServerExchange exchange, io.undertow.security.api.SecurityContext securityContext)
      Specified by:
      sendChallenge in interface io.undertow.security.api.AuthenticationMechanism
      Overrides:
      sendChallenge in class io.undertow.security.impl.BasicAuthenticationMechanism