[undertow-dev] figuring out how to integration resteasy oauth
Bill Burke
bburke at redhat.com
Wed Aug 14 20:24:49 EDT 2013
I have an added problem here of having to provide configuration for
this. (i.e. keys).
On 8/14/2013 8:23 PM, Bill Burke wrote:
> I'm looking at Undertow handlers and Auth mechanisms and trying to
> figure out how to port resteasy oauth. I need to be able to do the
> following
>
> 1. check a cookie to see if user is already logged in.
> 2. If not redirect to auth server
> 3. get a redirect back from auth server
> 4. make an HTTP request to server based on information from the request
> 5. Obtain a token from this request
> 6. Parse and validate the token to obtain user identity and role mappings
> 7. Propagate the identity and role mappings so other layers can do their
> thing (like role checks)
>
> I can do most of this within a AuthenticationMechanism. sendChallenge()
> would be used to send the redirect to the auth server. I think a custom
> IdentityManager is needed. This would accept a custom Credential. The
> Credential would have the identity and role mappings within it and the
> IdentityManager would allocate an Account based on this information.
>
> So, thats for Undertow....but I don't see any way to wire this all up
> for Wildfly. The IdentityManager is hardcoded to a JaaS one and I see
> no way of wiring up AuthenticationMechanisms. I see no other undertow
> specific config except for undertow-handlers.conf.
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the undertow-dev
mailing list