Package io.undertow.security.impl

Class AbstractSecurityContext

java.lang.Object
io.undertow.security.impl.AbstractSecurityContext
All Implemented Interfaces:
SecurityContext
Direct Known Subclasses:
SecurityContextImpl
public abstract class AbstractSecurityContext extends Object implements SecurityContext
A base class for SecurityContext implementations predominantly focusing on the notification handling allowing the specific implementation for focus on authentication.
Author:
Darran Lofthouse

  • Field Details

  • Constructor Details

    • AbstractSecurityContext

      protected AbstractSecurityContext(HttpServerExchange exchange)

  • Method Details

    • setAuthenticationRequired

      public void setAuthenticationRequired()
      Description copied from interface: SecurityContext
      Marks this request as requiring authentication. Authentication challenge headers will only be sent if this method has been called. If SecurityContext.authenticate() is called without first calling this method then the request will continue as normal even if the authentication was not successful.
      Specified by:
      setAuthenticationRequired in interface SecurityContext

    • isAuthenticationRequired

      public boolean isAuthenticationRequired()
      Description copied from interface: SecurityContext
      Returns true if authentication is required
      Specified by:
      isAuthenticationRequired in interface SecurityContext
      Returns:
      true If authentication is required

    • isAuthenticated

      public boolean isAuthenticated()
      Specified by:
      isAuthenticated in interface SecurityContext
      Returns:
      true if a user has been authenticated for this request, false otherwise.

    • getAuthenticatedAccount

      public Account getAuthenticatedAccount()
      Description copied from interface: SecurityContext
      Obtain the Account for the currently authenticated identity.
      Specified by:
      getAuthenticatedAccount in interface SecurityContext
      Returns:
      The Account for the currently authenticated identity or null if no account is currently authenticated.

    • getMechanismName

      public String getMechanismName()
      Specified by:
      getMechanismName in interface SecurityContext
      Returns:
      The name of the mechanism used to authenticate the request.

    • authenticationComplete

      public void authenticationComplete(Account account, String mechanism, boolean cachingRequired)
      Description copied from interface: SecurityContext
      Called by the AuthenticationMechanism to indicate that an account has been successfully authenticated. Note: A successful verification of an account using the IdentityManager is not the same as a successful authentication decision, other factors could be taken into account to make the final decision.
      Specified by:
      authenticationComplete in interface SecurityContext
      Parameters:
      account - - The authenticated Account
      mechanism - - The name of the mechanism used to authenticate the account.
      cachingRequired - - If this mechanism requires caching

    • authenticationComplete

      protected void authenticationComplete(Account account, String mechanism, boolean programatic, boolean cachingRequired)

    • authenticationFailed

      public void authenticationFailed(String message, String mechanism)
      Description copied from interface: SecurityContext
      Called by the AuthenticationMechanism to indicate that an authentication attempt has failed. This should only be called where an authentication attempt has truly failed, for authentication mechanisms where an additional round trip with the client is expected this should not be called. Where possible the failure message should contain the name of the identity that authentication was being attempted for, however as this is not always possible to identify in advance a generic message may be all that can be reported.
      Specified by:
      authenticationFailed in interface SecurityContext
      Parameters:
      message - - The message describing the failure.
      mechanism - - The name of the mechanism reporting the failure.

    • registerNotificationReceiver

      public void registerNotificationReceiver(NotificationReceiver receiver)
      Description copied from interface: SecurityContext
      Register a NotificationReceiver interested in receiving notifications for security events that happen on this SecurityContext.
      Specified by:
      registerNotificationReceiver in interface SecurityContext
      Parameters:
      receiver - - The NotificationReceiver to register.

    • removeNotificationReceiver

      public void removeNotificationReceiver(NotificationReceiver receiver)
      Description copied from interface: SecurityContext
      Remove a previously registered NotificationReceiver from this SecurityContext. If the supplied receiver has not been previously registered this method will fail silently.
      Specified by:
      removeNotificationReceiver in interface SecurityContext
      Parameters:
      receiver - - The NotificationReceiver to remove.

    • logout

      public void logout()
      Description copied from interface: SecurityContext
      de-authenticates the current exchange.
      Specified by:
      logout in interface SecurityContext