[undertow-dev] Authentication Mechanism Configuration

Darran Lofthouse darran.lofthouse at jboss.com
Mon Nov 25 10:06:26 EST 2013 

Ok so the ServletExtension covers cases where a more advanced 
initialisation is possibly required.

How about cases where a mechanism could be instantiated using a default 
constructor, should we simplify Stuart's example to just cover that?

Regarding your keycloak mechanism, could you see any cases where a user 
would want to be enabling this without the ServletExtension?

Regards,
Darran Lofthouse.

On 25/11/13 14:50, Bill Burke wrote:
> IMO, you don't really need to add another SPI.  For Keycloak (oauth)
> stuff I'm doing, I just wrote a ServletExtension.  It looks for
> "keycloak" in web.xml's auth-method, then applies the appropriate
> handlers and looks for the appropriate keycloak config file.
>
> On 11/25/2013 9:45 AM, Darran Lofthouse wrote:
>> Hopefully now is going to be the time to once and for all get the
>> authentication mechanism configuration completed for the Undertow /
>> WildFly integration.
>>
>> I have an old discussion I am going through again that covers
>> configuring the mechanisms from the subsystem level i.e. a war can have
>> it's security settings defined / overridden without the contents of the
>> war being affected.
>>
>> But there is also the second group of users that prefers to have
>> complete control within the deployment.
>>
>> I see you have already suggested the following Stuart: -
>>
>>    > I was thinking we introduce:
>>    >
>>    > interface AuthenticationMechanismFactory {
>>    >     AuthenticationMechanism create(final Map<String, String> properties);
>>    > }
>>    >
>>    > And then allow a syntax like so:
>>    >
>>    >
>> <auth-method>com.acme.MyAuthMechanismFactory?prop1=val1,prop2=val2</auth-method>
>>
>> In previous releases the equivalent would have been achieved by defining
>> a valve in the web app.
>>
>> Is this the kind of approach we want for web apps that are defining
>> their own mechanisms?  Is there any additional configuration required?
>>
>> Regards,
>> Darran Lofthouse.
>>
>> _______________________________________________
>> undertow-dev mailing list
>> undertow-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/undertow-dev
>>
>

More information about the undertow-dev mailing list