public class GSSAPIAuthenticationMechanism extends Object implements AuthenticationMechanism
AuthenticationMechanism for GSSAPI / SPNEGO based authentication.
GSSAPI authentication is associated with the HTTP connection, as long as a connection is being re-used allow the authentication state to be re-used.
TODO - May consider an option to allow it to also be associated with the underlying session but that has it's own risks so would need to come with a warning.
AuthenticationMechanism.AuthenticationMechanismOutcome, AuthenticationMechanism.ChallengeResult| Constructor and Description |
|---|
GSSAPIAuthenticationMechanism(GSSAPIServerSubjectFactory subjectFactory) |
GSSAPIAuthenticationMechanism(GSSAPIServerSubjectFactory subjectFactory,
IdentityManager identityManager,
Oid... supportedMechanisms) |
GSSAPIAuthenticationMechanism(GSSAPIServerSubjectFactory subjectFactory,
Oid... supportedMechanisms) |
| Modifier and Type | Method and Description |
|---|---|
AuthenticationMechanism.AuthenticationMechanismOutcome |
authenticate(HttpServerExchange exchange,
SecurityContext securityContext)
Perform authentication of the request.
|
AuthenticationMechanism.AuthenticationMechanismOutcome |
runGSSAPI(HttpServerExchange exchange,
io.netty.buffer.ByteBuf challenge,
SecurityContext securityContext) |
AuthenticationMechanism.ChallengeResult |
sendChallenge(HttpServerExchange exchange,
SecurityContext securityContext)
Send an authentication challenge to the remote client.
|
public GSSAPIAuthenticationMechanism(GSSAPIServerSubjectFactory subjectFactory, IdentityManager identityManager, Oid... supportedMechanisms)
public GSSAPIAuthenticationMechanism(GSSAPIServerSubjectFactory subjectFactory, Oid... supportedMechanisms)
public GSSAPIAuthenticationMechanism(GSSAPIServerSubjectFactory subjectFactory)
public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext)
AuthenticationMechanismauthenticate in interface AuthenticationMechanismexchange - The exchangepublic AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext)
AuthenticationMechanism
The individual mechanisms should update the response headers and body of the message as appropriate however they should
not set the response code, instead that should be indicated in the AuthenticationMechanism.ChallengeResult and the most appropriate
overall response code will be selected.
This method should not return null.
sendChallenge in interface AuthenticationMechanismexchange - The exchangesecurityContext - The security contextAuthenticationMechanism.ChallengeResult indicating if a challenge was sent and the desired response code.public AuthenticationMechanism.AuthenticationMechanismOutcome runGSSAPI(HttpServerExchange exchange, io.netty.buffer.ByteBuf challenge, SecurityContext securityContext)
Copyright © 2020 JBoss by Red Hat. All rights reserved.