Examples of LoginConfig

io.undertow.servlet.api.LoginConfig
@author Stuart Douglas
org.apache.catalina.deploy.LoginConfig
Representation of a login configuration element for a web application, as represented in a <login-config> element in the deployment descriptor. @author Craig R. McClanahan @version $Revision: 1.3 $ $Date: 2004/02/27 14:58:43 $
org.apache.geronimo.jee.loginconfig.LoginConfig
3.org/2001/XMLSchema}anyType"> <sequence> <choice maxOccurs="unbounded" minOccurs="0"> <element name="login-module-ref" type="{http://geronimo.apache.org/xml/ns/loginconfig-2.0}login-module-refType"/> <element name="login-module" type="{http://geronimo.apache.org/xml/ns/loginconfig-2.0}login-moduleType"/> </choice> </sequence> </restriction> </complexContent> </complexType>
org.apache.jmeter.config.LoginConfig
Title: JMeter Description: Copyright: Copyright (c) 2000 Company: Apache @author Michael Stover @created March 13, 2001 @version 1.0
org.apache.tomcat.deploy.LoginConfig
Representation of a login configuration element for a web application, as represented in a <login-config> element in the deployment descriptor. @author Craig R. McClanahan @version $Revision: 1.1 $ $Date: 2000/02/13 01:43:45 $
org.apache.tomcat.util.descriptor.web.LoginConfig
Representation of a login configuration element for a web application, as represented in a <login-config> element in the deployment descriptor. @author Craig R. McClanahan @version $Id: LoginConfig.java 1500964 2013-07-08 21:24:05Z markt $
org.glassfish.embeddable.web.config.LoginConfig
The class configures the authentication related parameters like, authentication method, form login configuration, if authentication method is form based authentication, the realm name and the realm type.
Usage example:
```
 FormLoginConfig form = new FormLoginConfig("login.html", "error.html"); LoginConfig loginConfig = new LoginConfig(); loginConfig.setAuthMethod(AuthMethod.FORM); loginConfig.setRealmName("userauth"); loginConfig.setFormLoginConfig(form); 
```
@see SecurityConfig @author Rajiv Mordani @author Amy Roh

Examples of io.undertow.servlet.api.LoginConfig

     *
     * @param initialHandler The handler to wrap with security handlers
     */
    private HttpHandler setupSecurityHandlers(HttpHandler initialHandler) {
        final DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();
        final LoginConfig loginConfig = deploymentInfo.getLoginConfig();


        final Map<String, AuthenticationMechanismFactory> factoryMap = new HashMap<>(deploymentInfo.getAuthenticationMechanisms());
        if(!factoryMap.containsKey(BASIC_AUTH)) {
            factoryMap.put(BASIC_AUTH, BasicAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(FORM_AUTH)) {
            factoryMap.put(FORM_AUTH, ServletFormAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(DIGEST_AUTH)) {
            factoryMap.put(DIGEST_AUTH, DigestAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(CLIENT_CERT_AUTH)) {
            factoryMap.put(CLIENT_CERT_AUTH, ClientCertAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(ExternalAuthenticationMechanism.NAME)) {
            factoryMap.put(ExternalAuthenticationMechanism.NAME, ExternalAuthenticationMechanism.FACTORY);
        }
        HttpHandler current = initialHandler;
        current = new SSLInformationAssociationHandler(current);


        final SecurityPathMatches securityPathMatches = buildSecurityConstraints();
        current = new ServletAuthenticationCallHandler(current);
        if(deploymentInfo.isDisableCachingForSecuredPages()) {
            current = Handlers.predicate(Predicates.authRequired(), Handlers.disableCache(current), current);
        }
        if (!securityPathMatches.isEmpty()) {
            current = new ServletAuthenticationConstraintHandler(current);
        }
        current = new ServletConfidentialityConstraintHandler(deploymentInfo.getConfidentialPortManager(), current);
        if (!securityPathMatches.isEmpty()) {
            current = new ServletSecurityConstraintHandler(securityPathMatches, current);
        }
        List<AuthenticationMechanism> authenticationMechanisms = new LinkedList<>();
        authenticationMechanisms.add(new CachedAuthenticatedSessionMechanism()); //TODO: does this really need to be hard coded?


        String mechName = null;
        if (loginConfig != null || deploymentInfo.getJaspiAuthenticationMechanism() != null) {


            //we don't allow multipart requests, and always use the default encoding
            FormParserFactory parser = FormParserFactory.builder(false)
                    .addParser(new FormEncodedDataDefinition().setDefaultEncoding(deploymentInfo.getDefaultEncoding()))
                    .build();


            List<AuthMethodConfig> authMethods = Collections.<AuthMethodConfig>emptyList();
            if(loginConfig != null) {
                authMethods = loginConfig.getAuthMethods();
            }


            for(AuthMethodConfig method : authMethods) {
                AuthenticationMechanismFactory factory = factoryMap.get(method.getName());
                if(factory == null) {
                    throw UndertowServletMessages.MESSAGES.unknownAuthenticationMechanism(method.getName());
                }
                if(mechName == null) {
                    mechName = method.getName();
                }


                final Map<String, String> properties = new HashMap<>();
                properties.put(AuthenticationMechanismFactory.CONTEXT_PATH, deploymentInfo.getContextPath());
                properties.put(AuthenticationMechanismFactory.REALM, loginConfig.getRealmName());
                properties.put(AuthenticationMechanismFactory.ERROR_PAGE, loginConfig.getErrorPage());
                properties.put(AuthenticationMechanismFactory.LOGIN_PAGE, loginConfig.getLoginPage());
                properties.putAll(method.getProperties());


                String name = method.getName().toUpperCase(Locale.US);
                // The mechanism name is passed in from the HttpServletRequest interface as the name reported needs to be
                // comparable using '=='

View Full Code Here

Examples of io.undertow.servlet.api.LoginConfig

     *
     * @param initialHandler The handler to wrap with security handlers
     */
    private HttpHandler setupSecurityHandlers(HttpHandler initialHandler) {
        final DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();
        final LoginConfig loginConfig = deploymentInfo.getLoginConfig();


        final Map<String, AuthenticationMechanismFactory> factoryMap = new HashMap<String, AuthenticationMechanismFactory>(deploymentInfo.getAuthenticationMechanisms());
        if(!factoryMap.containsKey(BASIC_AUTH)) {
            factoryMap.put(BASIC_AUTH, BasicAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(FORM_AUTH)) {
            factoryMap.put(FORM_AUTH, ServletFormAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(DIGEST_AUTH)) {
            factoryMap.put(DIGEST_AUTH, DigestAuthenticationMechanism.FACTORY);
        }
        if(!factoryMap.containsKey(CLIENT_CERT_AUTH)) {
            factoryMap.put(CLIENT_CERT_AUTH, ClientCertAuthenticationMechanism.FACTORY);
        }
        HttpHandler current = initialHandler;
        current = new SSLInformationAssociationHandler(current);


        final SecurityPathMatches securityPathMatches = buildSecurityConstraints();
        current = new AuthenticationCallHandler(current);
        if (!securityPathMatches.isEmpty()) {
            current = new ServletAuthenticationConstraintHandler(current);
        }
        current = new ServletConfidentialityConstraintHandler(deploymentInfo.getConfidentialPortManager(), current);
        if (!securityPathMatches.isEmpty()) {
            current = new ServletSecurityConstraintHandler(securityPathMatches, current);
        }


        String mechName = null;
        if (loginConfig != null || deploymentInfo.getJaspiAuthenticationMechanism() != null) {
            List<AuthenticationMechanism> authenticationMechanisms = new LinkedList<AuthenticationMechanism>();
            authenticationMechanisms.add(new CachedAuthenticatedSessionMechanism()); //TODO: does this really need to be hard coded?


            //we don't allow multipart requests, and always use the default encoding
            FormParserFactory parser = FormParserFactory.builder(false)
                    .addParser(new FormEncodedDataDefinition().setDefaultEncoding(deploymentInfo.getDefaultEncoding()))
                    .build();


            List<AuthMethodConfig> authMethods = Collections.<AuthMethodConfig>emptyList();
            if(loginConfig != null) {
                authMethods = loginConfig.getAuthMethods();
            }


            for(AuthMethodConfig method : authMethods) {
                AuthenticationMechanismFactory factory = factoryMap.get(method.getName());
                if(factory == null) {
                    throw UndertowServletMessages.MESSAGES.unknownAuthenticationMechanism(method.getName());
                }
                if(mechName == null) {
                    mechName = method.getName();
                }


                final Map<String, String> properties = new HashMap<String, String>();
                properties.put(AuthenticationMechanismFactory.CONTEXT_PATH, deploymentInfo.getContextPath());
                properties.put(AuthenticationMechanismFactory.REALM, loginConfig.getRealmName());
                properties.put(AuthenticationMechanismFactory.ERROR_PAGE, loginConfig.getErrorPage());
                properties.put(AuthenticationMechanismFactory.LOGIN_PAGE, loginConfig.getLoginPage());
                properties.putAll(method.getProperties());


                String name = method.getName().toUpperCase();
                // The mechanism name is passed in from the HttpServletRequest interface as the name reported needs to be
                // comparable using '=='

View Full Code Here

Examples of org.apache.catalina.deploy.LoginConfig

      Request request = (Request) messageInfo.getRequestMessage();
      Response response = (Response) messageInfo.getResponseMessage();
     
      Principal principal;
      context = request.getContext();
      LoginConfig config = context.getLoginConfig();
       
      // References to objects we will need later
      Session session = null;


      //Lets find out if the cache is enabled or not

View Full Code Here

Examples of org.apache.catalina.deploy.LoginConfig

                "BASIC".equals(authMethod) ||
                "DIGEST".equals(authMethod) ||
                "CLIENT-CERT".equals(authMethod)) {


                //Setup a login configuration
                LoginConfig loginConfig = new LoginConfig();
                loginConfig.setAuthMethod(authMethod);
                loginConfig.setRealmName(realmName);
                this.setLoginConfig(loginConfig);


                //Setup a default Security Constraint
                SecurityCollection collection = new SecurityCollection();
                collection.addMethod("GET");

View Full Code Here

Examples of org.apache.catalina.deploy.LoginConfig

                                         Context context)
            throws IOException {


        // Specifically allow access to the form login and form error pages
        // and the "j_security_check" action
        LoginConfig config = context.getLoginConfig();
        if ((config != null) &&
                (org.apache.catalina.realm.Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
            String requestURI = request.getDecodedRequestURI();
            String loginPage = context.getPath() + config.getLoginPage();
            if (loginPage.equals(requestURI)) {
                if (log.isDebugEnabled())
                    log.debug(" Allow access to login page " + loginPage);
                return (true);
            }
            String errorPage = context.getPath() + config.getErrorPage();
            if (errorPage.equals(requestURI)) {
                if (log.isDebugEnabled())
                    log.debug(" Allow access to error page " + errorPage);
                return (true);
            }

View Full Code Here

Examples of org.apache.catalina.deploy.LoginConfig

                                         Context context)
            throws IOException {


        // Specifically allow access to the form login and form error pages
        // and the "j_security_check" action
        LoginConfig config = context.getLoginConfig();
        if ((config != null) &&
            (org.apache.catalina.realm.Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
            String requestURI = request.getDecodedRequestURI();
            String loginPage = context.getPath() + config.getLoginPage();
            if (loginPage.equals(requestURI)) {
                if (log.isDebugEnabled())
                    log.debug(" Allow access to login page " + loginPage);
                return (true);
            }
            String errorPage = context.getPath() + config.getErrorPage();
            if (errorPage.equals(requestURI)) {
                if (log.isDebugEnabled())
                    log.debug(" Allow access to error page " + errorPage);
                return (true);
            }

View Full Code Here

Examples of org.apache.catalina.deploy.LoginConfig

                                  errorPage));
            }
        }


        // Process the property setting change
        LoginConfig oldLoginConfig = this.loginConfig;
        this.loginConfig = config;
        support.firePropertyChange("loginConfig",
                                   oldLoginConfig, this.loginConfig);


    }

View Full Code Here

Examples of org.apache.catalina.deploy.LoginConfig

                                  errorPage));
            }
        }


        // Process the property setting change
        LoginConfig oldLoginConfig = this.loginConfig;
        this.loginConfig = config;
        support.firePropertyChange("loginConfig",
                                   oldLoginConfig, this.loginConfig);


    }

View Full Code Here

Examples of org.apache.catalina.deploy.LoginConfig


        // Does this Context require an Authenticator?
        SecurityConstraint constraints[] = context.findConstraints();
        if ((constraints == null) || (constraints.length == 0))
            return;
        LoginConfig loginConfig = context.getLoginConfig();
        if (loginConfig == null) {
            loginConfig = new LoginConfig("NONE", null, null, null);
            context.setLoginConfig(loginConfig);
        }


        // Has an authenticator been configured already?
        if (context instanceof Authenticator)
            return;
        if (context instanceof ContainerBase) {
            Pipeline pipeline = ((ContainerBase) context).getPipeline();
            if (pipeline != null) {
                Valve basic = pipeline.getBasic();
                if ((basic != null) && (basic instanceof Authenticator))
                    return;
                Valve valves[] = pipeline.getValves();
                for (int i = 0; i < valves.length; i++) {
                    if (valves[i] instanceof Authenticator)
                        return;
                }
            }
        } else {
            return;     // Cannot install a Valve even if it would be needed
        }


        // Has a Realm been configured for us to authenticate against?
        if (context.getRealm() == null) {
            log.error(sm.getString("contextConfig.missingRealm"));
            ok = false;
            return;
        }


        // Load our mapping properties if necessary
        if (authenticators == null) {
            try {
                InputStream is=this.getClass().getClassLoader().getResourceAsStream("org/apache/catalina/startup/Authenticators.properties");
                if( is!=null ) {
                    authenticators = new Properties();
                    authenticators.load(is);
                } else {
                    log.error(sm.getString("contextConfig.authenticatorResources"));
                    ok=false;
                    return;
                }
            } catch (IOException e) {
                log.error(sm.getString("contextConfig.authenticatorResources"), e);
                ok = false;
                return;
            }
        }


        // Identify the class name of the Valve we should configure
        String authenticatorName = null;
        authenticatorName =
                authenticators.getProperty(loginConfig.getAuthMethod());
        if (authenticatorName == null) {
            log.error(sm.getString("contextConfig.authenticatorMissing",
                             loginConfig.getAuthMethod()));
            ok = false;
            return;
        }


        // Instantiate and install an Authenticator of the requested class
        Valve authenticator = null;
        try {
            Class authenticatorClass = Class.forName(authenticatorName);
            authenticator = (Valve) authenticatorClass.newInstance();
            if (context instanceof ContainerBase) {
                Pipeline pipeline = ((ContainerBase) context).getPipeline();
                if (pipeline != null) {
                    ((ContainerBase) context).addValve(authenticator);
                    if (log.isDebugEnabled())
                        log.debug(sm.getString("contextConfig.authenticatorConfigured",
                                     loginConfig.getAuthMethod()));
                }
            }
        } catch (Throwable t) {
            log.error(sm.getString("contextConfig.authenticatorInstantiate",
                             authenticatorName), t);

View Full Code Here

Examples of org.apache.catalina.deploy.LoginConfig

        if (constraints == null || constraints.length == 0)
            return (true);


        // Specifically allow access to the form login and form error pages
        // and the "j_security_check" action
        LoginConfig config = context.getLoginConfig();
        if ((config != null) &&
            (Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
            String requestURI = request.getRequestPathMB().toString();
            String loginPage = config.getLoginPage();
            if (loginPage.equals(requestURI)) {
                if (log.isDebugEnabled())
                    log.debug(" Allow access to login page " + loginPage);
                return (true);
            }
            String errorPage = config.getErrorPage();
            if (errorPage.equals(requestURI)) {
                if (log.isDebugEnabled())
                    log.debug(" Allow access to error page " + errorPage);
                return (true);
            }

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.