[undertow-dev] figuring out how to integration resteasy oauth

Stuart Douglas sdouglas at redhat.com
Thu Aug 15 10:38:34 EDT 2013


> 
> Keep me up to date on this.  I'll be using the IdentityManager override
> approach with the current codebase for the moment.

I have made some changes that should make this easier for you:

https://github.com/wildfly/wildfly/pull/4924/files

Basically the principalVsRoleMap is now stored in the DeploymentInfo, and it is no longer used by the IdentityManager. 

Stuart

> 
> On 8/15/2013 8:56 AM, Darran Lofthouse wrote:
> > I will put something together shortly for the mechanism overrides, I
> > previously proposed a solution to these lists a while back which
> > received quite a bit of support.
> >
> > Overall mechanism overrides will either be possible using the subsystem
> > configuration or deployment specific configuration providing both ways
> > to set the mechanism for the app being deployed.
> >
> > Regards,
> > Darran Lofthouse.
> >
> >
> > On 15/08/13 01:23, Bill Burke wrote:
> >> I'm looking at Undertow handlers and Auth mechanisms and trying to
> >> figure out how to port resteasy oauth.  I need to be able to do the
> >> following
> >>
> >> 1. check a cookie to see if user is already logged in.
> >> 2. If not redirect to auth server
> >> 3. get a redirect back from auth server
> >> 4. make an HTTP request to server based on information from the request
> >> 5. Obtain a token from this request
> >> 6. Parse and validate the token to obtain user identity and role mappings
> >> 7. Propagate the identity and role mappings so other layers can do their
> >> thing (like role checks)
> >>
> >> I can do most of this within a AuthenticationMechanism.  sendChallenge()
> >> would be used to send the redirect to the auth server.  I think a custom
> >> IdentityManager is needed.  This would accept a custom Credential.  The
> >> Credential would have the identity and role mappings within it and the
> >> IdentityManager would allocate an Account based on this information.
> >>
> >> So, thats for Undertow....but I don't see any way to wire this all up
> >> for Wildfly.  The IdentityManager is hardcoded to a JaaS one and I see
> >> no way of wiring up AuthenticationMechanisms.  I see no other undertow
> >> specific config except for undertow-handlers.conf.
> >>
> >
> > _______________________________________________
> > undertow-dev mailing list
> > undertow-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/undertow-dev
> >
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev
> 


More information about the undertow-dev mailing list