I'm looking at Undertow handlers and Auth mechanisms and trying to
figure out how to port resteasy oauth. I need to be able to do the
following:

1. check a cookie to see if user is already logged in.
2. If not redirect to auth server
3. get a redirect back from auth server
4. make an HTTP request to server based on information from the request
5. Obtain a token from this request
6. Parse and validate the token to obtain user identity and role mappings
7. Propagate the identity and role mappings so other layers can do their
thing (like role checks)

I can do most of this within an AuthenticationMechanism. sendChallenge()
would be used to send the redirect to the auth server. I think a custom
IdentityManager is needed. This would accept a custom Credential. The
Credential would have the identity and role mappings within it and the
IdentityManager would allocate an Account based on this information.

So, that's for Undertow... but I don't see any way to wire this all up
for WildFly. The IdentityManager is hardcoded to a JAAS one and I see
no way of wiring up AuthenticationMechanisms. I see no other
Undertow-specific config except for undertow-handlers.conf.

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
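
The design outlined in the message above (a custom Credential, an IdentityManager that allocates the Account from it, and the redirect issued from sendChallenge()), as an added Java illustration that is not from the original post or from Undertow, WildFly or RESTEasy. The `TokenVerifier` hook standing in for steps 4-6, the cookie name, the `code` parameter and the auth server URL are assumptions; the classes compile against undertow-core and do not address the WildFly wiring question.

```java
import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.Credential;
import io.undertow.security.idm.IdentityManager;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.Headers;
import io.undertow.util.StatusCodes;
import java.security.Principal;
import java.util.Set;

/** Added sketch; every name except the Undertow types is hypothetical. */
public class OAuthSketch {
    /** Assumed hook for steps 4-6; must return null unless the token validates. */
    public interface TokenVerifier { TokenCredential fromCookie(String value); TokenCredential fromCode(String code); }
    /** Custom Credential carrying already-validated identity and role mappings. */
    public static final class TokenCredential implements Credential {
        final Principal principal; final Set<String> roles;
        public TokenCredential(String user, Set<String> roles) { this.principal = () -> user; this.roles = Set.copyOf(roles); }
    }
    /** IdentityManager that allocates an Account only from a TokenCredential. */
    public static final class TokenIdentityManager implements IdentityManager {
        @Override public Account verify(Account account) { return account; }
        @Override public Account verify(String id, Credential c) { return null; } // no password logins
        @Override public Account verify(Credential c) {
            if (!(c instanceof TokenCredential)) return null; // fail closed on other credential types
            TokenCredential t = (TokenCredential) c;
            return new Account() {
                @Override public Principal getPrincipal() { return t.principal; }
                @Override public Set<String> getRoles() { return t.roles; }
            };
        }
    }
    public static final class OAuthMechanism implements AuthenticationMechanism {
        private final TokenVerifier verifier; private final IdentityManager idm; private final String authUrl;
        public OAuthMechanism(TokenVerifier v, IdentityManager idm, String authUrl) { this.verifier = v; this.idm = idm; this.authUrl = authUrl; }
        @Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange ex, SecurityContext sc) {
            var cookie = ex.getRequestCookies().get("OAUTH_TOKEN");  // step 1 (cookie name is made up)
            var code = ex.getQueryParameters().get("code");          // step 3 (parameter name assumed)
            if (cookie == null && code == null) return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
            TokenCredential cred = cookie != null ? verifier.fromCookie(cookie.getValue()) : verifier.fromCode(code.getFirst());
            Account account = cred == null ? null : idm.verify(cred);
            if (account == null) return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            sc.authenticationComplete(account, "OAUTH", false);      // step 7: identity and roles visible to later handlers
            return AuthenticationMechanismOutcome.AUTHENTICATED;
        }
        @Override public ChallengeResult sendChallenge(HttpServerExchange ex, SecurityContext sc) { // step 2
            ex.getResponseHeaders().put(Headers.LOCATION, authUrl);
            return new ChallengeResult(true, StatusCodes.FOUND);
        }
    }
}
```

Because the IdentityManager trusts whatever the Credential carries, all signature and expiry checks have to happen in the verifier before a `TokenCredential` is ever constructed.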