I want to capture some of the use cases I can think of here so they are recorded and communicated to the Undertow dev team.
1. Interceptor Mechanism
We need some form of interceptors concept to obtain the following functionality identified in the subsections 1.1, etc
In the old JBossWeb/Tomcat world, this was provided by the Authenticator/Valve interfaces.
1.1 SAML Web Browser SSO Profile
Previously we used IDPWebBrowserSSOValve and SPFormAuthenticators
1.2 SAML Global Logout Profile
Previously we used IDPWebBrowserSSOValve and SPFormAuthenticators
1.3 JSR 196 (JASPI) Integration
Previous we had a JASPI Authenticator in JBossWeb.