[undertow-dev] How to do custom authentication?

Stuart Douglas sdouglas at redhat.com
Wed Oct 15 18:47:13 EDT 2014 

The equivalent of a valve is a HttpHandler, you can wire them up programatically via jboss-web.xml, something like:

<jboss-web>
    <http-handler>
        <class-name>org.jboss.as.test.integration.web.handlers.SetHeaderHandler</class-name>
        <param>
            <param-name>name</param-name>
            <param-value>MyHeader</param-value>
        </param>
        <param>
            <param-name>value</param-name>
            <param-value>MyValue</param-value>
        </param>
    </http-handler>
</jboss-web>

Stuart



----- Original Message -----
> From: "Marc Boorshtein" <marc.boorshtein at tremolosecurity.com>
> To: "undertow-dev at lists jboss. org" <undertow-dev at lists.jboss.org>
> Sent: Thursday, 16 October, 2014 5:00:26 AM
> Subject: [undertow-dev] How to do custom authentication?
> 
> Undertow team,
> 
> I'm trying to integrate our integration with JBoss into Wildfy 8.x. Its a
> reverse proxy that generates a token in a header that is then decoded and
> the context is set. It works in JBoss 7.x using a combination of a Valve and
> a JAAS LoginModule but am struggling to figure out what the replacement of
> the Valve would be.
> 
> Doing some googling I found
> http://undertow.io/documentation/core/security.html but it doesn't point out
> how to configure this without writing custom code to add mechanism to the
> chain. I found a stacktrace article about setting up a servlet extension
> that creates the mechanism, but I don't feel like thats the *best* solution.
> When I did the JBoss 7 integration I used PicketLink's SAML integration as
> an example but it looks like it isn't yet working for Wildfly 8.x and won't
> work until 9?
> 
> I know this isn't a JBoss list but my post on the JBoss forums isn't going
> anywhere so I thought I'd ask here. If someone could point me to an example
> (I usually start with an example of authenticating based on a username in a
> header) I'd really appreciate it.
> 
> Thanks
> 
> 
> Marc Boorshtein
> CTO Tremolo Security
> marc.boorshtein at tremolosecurity.com
> 
> 
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev

More information about the undertow-dev mailing list