public abstract class AbstractSecurityContext extends Object implements SecurityContext
SecurityContext implementations predominantly focusing on the notification handling allowing the specific implementation for focus on authentication.| Modifier and Type | Class and Description |
|---|---|
protected static class | AbstractSecurityContext.Node<T> To reduce allocations we use a custom linked list data structure |
| Modifier and Type | Field and Description |
|---|---|
protected HttpServerExchange | exchange |
| Modifier | Constructor and Description |
|---|---|
protected | AbstractSecurityContext(HttpServerExchange exchange) |
| Modifier and Type | Method and Description |
|---|---|
void | authenticationComplete(Account account, String mechanism, boolean cachingRequired) Called by the AuthenticationMechanism to indicate that an account has been successfully authenticated. |
protected void | authenticationComplete(Account account, String mechanism, boolean programatic, boolean cachingRequired) |
void | authenticationFailed(String message, String mechanism) Called by the AuthenticationMechanism to indicate that an authentication attempt has failed. |
Account | getAuthenticatedAccount() Obtain the Account for the currently authenticated identity. |
String | getMechanismName() |
boolean | isAuthenticated() |
boolean | isAuthenticationRequired() Returns true if authentication is required |
void | logout() de-authenticates the current exchange. |
void | registerNotificationReceiver(NotificationReceiver receiver) Register a NotificationReceiver interested in receiving notifications for security events that happen on this SecurityContext. |
void | removeNotificationReceiver(NotificationReceiver receiver) Remove a previously registered NotificationReceiver from this SecurityContext. |
void | setAuthenticationRequired() Marks this request as requiring authentication. |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitaddAuthenticationMechanism, authenticate, getAuthenticationMechanisms, getIdentityManager, loginprotected final HttpServerExchange exchange
protected AbstractSecurityContext(HttpServerExchange exchange)
public void setAuthenticationRequired()
SecurityContextSecurityContext.authenticate() is called without first calling this method then the request will continue as normal even if the authentication was not successful.setAuthenticationRequired in interface SecurityContextpublic boolean isAuthenticationRequired()
SecurityContextisAuthenticationRequired in interface SecurityContexttrue If authentication is requiredpublic boolean isAuthenticated()
isAuthenticated in interface SecurityContextpublic Account getAuthenticatedAccount()
SecurityContextAccount for the currently authenticated identity.getAuthenticatedAccount in interface SecurityContextAccount for the currently authenticated identity or null if no account is currently authenticated.public String getMechanismName()
getMechanismName in interface SecurityContextpublic void authenticationComplete(Account account, String mechanism, boolean cachingRequired)
SecurityContextAuthenticationMechanism to indicate that an account has been successfully authenticated. Note: A successful verification of an account using the IdentityManager is not the same as a successful authentication decision, other factors could be taken into account to make the final decision.authenticationComplete in interface SecurityContextaccount - - The authenticated Accountmechanism - - The name of the mechanism used to authenticate the account.cachingRequired - - If this mechanism requires cachingprotected void authenticationComplete(Account account, String mechanism, boolean programatic, boolean cachingRequired)
public void authenticationFailed(String message, String mechanism)
SecurityContextAuthenticationMechanism to indicate that an authentication attempt has failed. This should only be called where an authentication attempt has truly failed, for authentication mechanisms where an additional round trip with the client is expected this should not be called. Where possible the failure message should contain the name of the identity that authentication was being attempted for, however as this is not always possible to identify in advance a generic message may be all that can be reported.authenticationFailed in interface SecurityContextmessage - - The message describing the failure.mechanism - - The name of the mechanism reporting the failure.public void registerNotificationReceiver(NotificationReceiver receiver)
SecurityContextNotificationReceiver interested in receiving notifications for security events that happen on this SecurityContext.registerNotificationReceiver in interface SecurityContextreceiver - - The NotificationReceiver to register.public void removeNotificationReceiver(NotificationReceiver receiver)
SecurityContextNotificationReceiver from this SecurityContext. If the supplied receiver has not been previously registered this method will fail silently.removeNotificationReceiver in interface SecurityContextreceiver - - The NotificationReceiver to remove.public void logout()
SecurityContextlogout in interface SecurityContextCopyright © 2020 JBoss by Red Hat. All rights reserved.