本文整理汇总了Java中javax.security.enterprise.authentication.mechanism.http.HttpMessageContext类的典型用法代码示例。如果您正苦于以下问题:Java HttpMessageContext类的具体用法?Java HttpMessageContext怎么用?Java HttpMessageContext使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
HttpMessageContext类属于javax.security.enterprise.authentication.mechanism.http包,在下文中一共展示了HttpMessageContext类的17个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response,
HttpMessageContext httpMessageContext) throws AuthenticationException {
// ...
String name = request.getParameter("name");
String password = request.getParameter("password");
if (name != null && password != null) {
CredentialValidationResult result = identityStoreHandler.validate(new UsernamePasswordCredential(name, password));
return httpMessageContext.notifyContainerAboutLogin(result);
}
return httpMessageContext.doNothing();
}
开发者ID:PacktPublishing,项目名称:Architecting-Modern-Java-EE-Applications,代码行数:17,代码来源:TestAuthenticationMechanism.java
示例2: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
String token = authorizationHeader.substring(BEARER.length());
JWTCredential credential = tokenHandler.retrieveCredential(token);
if (credential == null) {
httpMessageContext.responseUnauthorized();
}
CredentialValidationResult result = identityStoreHandler.validate(credential);
if (result.getStatus() == VALID) {
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.responseUnauthorized();
}
开发者ID:atbashEE,项目名称:jsr375-extensions,代码行数:25,代码来源:JWTAuthenticationMechanism.java
示例3: validateToken
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
/**
* To validate the JWT token e.g Signature check, JWT claims check(expiration) etc
*
* @param token The JWT access tokens
* @param context
* @return the AuthenticationStatus to notify the container
*/
private AuthenticationStatus validateToken(String token, HttpMessageContext context) {
try {
if (tokenProvider.validateToken(token)) {
JwtCredential credential = tokenProvider.getCredential(token);
//fire an @Authenticated CDI event.
authenticatedEvent.fire(new UserInfo(credential.getPrincipal(), credential.getAuthorities()));
return context.notifyContainerAboutLogin(credential.getPrincipal(), credential.getAuthorities());
}
// if token invalid, response with unauthorized status
return context.responseUnauthorized();
} catch (ExpiredJwtException eje) {
LOGGER.log(Level.INFO, "Security exception for user {0} - {1}", new String[]{eje.getClaims().getSubject(), eje.getMessage()});
return context.responseUnauthorized();
}
}
开发者ID:hantsy,项目名称:javaee8-jaxrs-sample,代码行数:25,代码来源:JwtAuthenticationMechanism.java
示例4: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthException {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
String token = authorizationHeader.substring(BEARER.length());
JWTCredential credential = tokenHandler.retrieveCredential(token);
CredentialValidationResult result = identityStore.validate(credential);
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
throw new AuthException("Login failed");
}
}
return httpMessageContext.doNothing();
}
开发者ID:rdebusscher,项目名称:soteria-jwt,代码行数:26,代码来源:JWTAuthenticationMechanism.java
示例5: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getHeader("MY-API-KEY") != null && request.getHeader("MY-API-KEY") != null) {
final String key = request.getHeader("MY-API-KEY");
if (key != null && key.equalsIgnoreCase("DUKE ROCKS")) {
return httpMessageContext.notifyContainerAboutLogin(
"app", new HashSet<>(asList("foo")));
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}
开发者ID:ivargrimstad,项目名称:security-samples,代码行数:19,代码来源:SimpleAuthenticationMechanism.java
示例6: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getParameter("login:username") != null && request.getParameter("login:password") != null) {
String name = request.getParameter("login:username");
Password password = new Password(request.getParameter("login:password"));
CredentialValidationResult result = identityStore.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}
开发者ID:ivargrimstad,项目名称:security-samples,代码行数:23,代码来源:SimpleJSFAuthenticationMechanism.java
示例7: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(
HttpServletRequest request,
HttpServletResponse response,
HttpMessageContext context) throws AuthenticationException {
Credential credential = context.getAuthParameters().getCredential();
if (credential != null) {
return context.notifyContainerAboutLogin(identityStore.validate(credential));
} else {
return context.doNothing();
}
}
开发者ID:hantsy,项目名称:javaee8-jsf-sample,代码行数:15,代码来源:CustomAuthenticationMechanism.java
示例8: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest req, HttpServletResponse res, HttpMessageContext context) {
CredentialValidationResult result = idStoreHandler.validate(
new UsernamePasswordCredential(
req.getParameter("name"), req.getParameter("password")));
if (result.getStatus() == VALID) {
return context.notifyContainerAboutLogin(result);
} else {
return context.responseUnauthorized();
}
}
开发者ID:readlearncode,项目名称:Java-EE-8-Sampler,代码行数:15,代码来源:LiteAuthenticationMechanism.java
示例9: isCallbackRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
private boolean isCallbackRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMsgContext) throws Exception {
if (request.getRequestURI().equals(callbackURL) && request.getParameter("code") != null) {
if (!isEmpty(request.getParameter("state"))) {
try {
String state = request.getParameter("state");
//Cookie cookie = stateCookieDAO.get(request);
// TODO Support state token
/*
if (cookie != null && state.equals(cookie.getValue())) {
return true;
} else {
logger.log(WARNING,
"State parameter provided with callback URL, but did not match cookie. " +
"State param value: " + state + " " +
"Cookie value: " + (cookie == null ? "<no cookie>" : cookie.getValue())
);
}
*/
} finally {
//stateCookieDAO.remove(request, response);
}
}
return true;
}
return false;
}
开发者ID:atbashEE,项目名称:jsr375-extensions,代码行数:29,代码来源:OAuthClientServerBaseModule.java
示例10: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext context) {
LOGGER.log(Level.INFO, "validateRequest: {0}", request.getRequestURI());
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly insecure
String name = request.getParameter("username");
String password = request.getParameter("password");
String token = extractToken(context);
if (name != null && password != null
&& "POST".equals(request.getMethod())
&& request.getRequestURI().endsWith("/auth/login")) {
LOGGER.log(Level.INFO, "user credentials : {0}, {1}", new String[]{name, password});
// validation of the credential using the identity store
CredentialValidationResult result = identityStoreHandler.validate(new UsernamePasswordCredential(name, password));
if (result.getStatus() == CredentialValidationResult.Status.VALID) {
// Communicate the details of the authenticated user to the container and return SUCCESS.
return createToken(result, context);
}
// if the authentication failed, we return the unauthorized status in the http response
return context.responseUnauthorized();
} else if (token != null) {
// validation of the jwt credential
return validateToken(token, context);
} else if (context.isProtected()) {
// A protected resource is a resource for which a constraint has been defined.
// if there are no credentials and the resource is protected, we response with unauthorized status
return context.responseUnauthorized();
}
// there are no credentials AND the resource is not protected,
// SO Instructs the container to "do nothing"
return context.doNothing();
}
开发者ID:hantsy,项目名称:javaee8-jaxrs-sample,代码行数:36,代码来源:JwtAuthenticationMechanism.java
示例11: createToken
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
/**
* Create the JWT using CredentialValidationResult received from IdentityStoreHandler
*
* @param result the result from validation of UsernamePasswordCredential
* @param context
* @return the AuthenticationStatus to notify the container
*/
private AuthenticationStatus createToken(CredentialValidationResult result, HttpMessageContext context) {
if (!isRememberMe(context)) {
String jwt = tokenProvider.createToken(result.getCallerPrincipal().getName(), result.getCallerGroups(), false);
context.getResponse().setHeader(HttpHeaders.AUTHORIZATION, AUTHORIZATION_PREFIX + jwt);
}
//fire an @Authenticated CDI event.
authenticatedEvent.fire(new UserInfo(result.getCallerPrincipal().getName(), result.getCallerGroups()));
return context.notifyContainerAboutLogin(result.getCallerPrincipal(), result.getCallerGroups());
}
开发者ID:hantsy,项目名称:javaee8-jaxrs-sample,代码行数:19,代码来源:JwtAuthenticationMechanism.java
示例12: extractToken
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
/**
* To extract the JWT from Authorization HTTP header
*
* @param context
* @return The JWT access tokens
*/
private String extractToken(HttpMessageContext context) {
String authorizationHeader = context.getRequest().getHeader(HttpHeaders.AUTHORIZATION);
if (authorizationHeader != null && authorizationHeader.startsWith(AUTHORIZATION_PREFIX)) {
String token = authorizationHeader.substring(AUTHORIZATION_PREFIX.length(), authorizationHeader.length());
return token;
}
return null;
}
开发者ID:hantsy,项目名称:javaee8-jaxrs-sample,代码行数:15,代码来源:JwtAuthenticationMechanism.java
示例13: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
final String name = request.getParameter("name");
final String pwd = request.getParameter("password");
if (name != null && pwd != null ) {
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly
// insecure
Password password = new Password(pwd);
// Delegate the {credentials in -> identity data out} function to
// the Identity Store
CredentialValidationResult result = identityStoreHandler.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
}
return httpMessageContext.responseUnauthorized();
}
return httpMessageContext.doNothing();
}
开发者ID:hantsy,项目名称:ee8-sandbox,代码行数:34,代码来源:TestAuthenticationMechanism.java
示例14: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
if (request.getParameter("name") != null && request.getParameter("password") != null) {
// Get the (caller) name and password from the request
// NOTE: This is for the smallest possible example only. In practice
// putting the password in a request query parameter is highly
// insecure
String name = request.getParameter("name");
Password password = new Password(request.getParameter("password"));
// Delegate the {credentials in -> identity data out} function to
// the Identity Store
CredentialValidationResult result = identityStore.validate(
new UsernamePasswordCredential(name, password));
if (result.getStatus() == VALID) {
// Communicate the details of the authenticated user to the
// container. In many cases the underlying handler will just store the details
// and the container will actually handle the login after we return from
// this method.
return httpMessageContext.notifyContainerAboutLogin(
result.getCallerPrincipal(), result.getCallerGroups());
} else {
return httpMessageContext.responseUnauthorized();
}
}
return httpMessageContext.doNothing();
}
开发者ID:ivargrimstad,项目名称:security-samples,代码行数:32,代码来源:SimpleAuthenticationMechanism.java
示例15: validateRequest
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public AuthenticationStatus validateRequest(HttpServletRequest req, HttpServletResponse res, HttpMessageContext msg) {
return msg.doNothing();
}
开发者ID:readlearncode,项目名称:Java-EE-8-Sampler,代码行数:5,代码来源:CustomAuthenticationMechanism.java
示例16: cleanSubject
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
@Override
public void cleanSubject(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) {
HttpAuthenticationMechanism.super.cleanSubject(request, response, httpMessageContext);
}
开发者ID:atbashEE,项目名称:jsr375-extensions,代码行数:5,代码来源:OAuthClientServerBaseModule.java
示例17: isRememberMe
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext; //导入依赖的package包/类
/**
* this function invoked using RememberMe.isRememberMeExpression EL expression
*
* @param context
* @return The remember me flag
*/
public Boolean isRememberMe(HttpMessageContext context) {
return Boolean.valueOf(context.getRequest().getParameter("rememberMe"));
}
开发者ID:hantsy,项目名称:javaee8-jaxrs-sample,代码行数:10,代码来源:JwtAuthenticationMechanism.java
注:本文中的javax.security.enterprise.authentication.mechanism.http.HttpMessageContext类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论