If you are configuring Undertow programmatically you need to add a
io.undertow.security.handlers.AuthenticationMechanismsHandler to the
handler chain that has your authentication mechanism.
Unfortunately we don't have a way of hooking this up into the Wildfly
config yet, although it will not be a very big job. Regarding config
options for AS7 there are a few possibilities:
1) Allow the user to specify the class name and module in JBoss Web to
configure per app, and same in standalone.xml for global authenticators.
2) Introduce a servlet loader based mechanism to allow mechanisms to be
loaded and associated with a simple name. This name could then be
specified in the web.xml login config. In the subsystem you could list
all the modules that you want to load authentication mechanisms from.
This has the advantage that internal class names do not leak out into
3) Some other way??
I am leaning towards option 2. I think it should be possible to get this
integrated into the next Undertow release early next week.
Anil Saldhana wrote:
I am trying to figure out how to set up the authentication mechanisms
in undertow. If I write an authentication mechanism involving saml, how
do I make the web apps using that mechanism.
Any links to test cases.
undertow-dev mailing list