[undertow-dev] Authentication Mechanism Configuration
Bill Burke
bburke at redhat.com
Mon Nov 25 09:50:44 EST 2013
IMO, you don't really need to add another SPI. For Keycloak (oauth)
stuff I'm doing, I just wrote a ServletExtension. It looks for
"keycloak" in web.xml's auth-method, then applies the appropriate
handlers and looks for the appropriate keycloak config file.
On 11/25/2013 9:45 AM, Darran Lofthouse wrote:
> Hopefully now is going to be the time to once and for all get the
> authentication mechanism configuration completed for the Undertow /
> WildFly integration.
>
> I have an old discussion I am going through again that covers
> configuring the mechanisms from the subsystem level i.e. a war can have
> it's security settings defined / overridden without the contents of the
> war being affected.
>
> But there is also the second group of users that prefers to have
> complete control within the deployment.
>
> I see you have already suggested the following Stuart: -
>
> > I was thinking we introduce:
> >
> > interface AuthenticationMechanismFactory {
> > AuthenticationMechanism create(final Map<String, String> properties);
> > }
> >
> > And then allow a syntax like so:
> >
> >
> <auth-method>com.acme.MyAuthMechanismFactory?prop1=val1,prop2=val2</auth-method>
>
> In previous releases the equivalent would have been achieved by defining
> a valve in the web app.
>
> Is this the kind of approach we want for web apps that are defining
> their own mechanisms? Is there any additional configuration required?
>
> Regards,
> Darran Lofthouse.
>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the undertow-dev
mailing list