/**
* Initialises the Passthrough authentication module with the OSGi json configuration.
*
* @param requestPolicy {@inheritDoc}
* @param responsePolicy {@inheritDoc}
* @param handler {@inheritDoc}
*/
@Override
public void initialize(
MessagePolicy requestPolicy,
MessagePolicy responsePolicy,
CallbackHandler handler,
Map options)
throws AuthException {
queryOnResource = new JsonValue(options).get(QUERY_ON_RESOURCE).required().asString();
authenticator =
new AuthenticatorFactory(
authnFilterHelper.getConnectionFactory(), authnFilterHelper.getCryptoService())
.apply(new JsonValue(options));
}
private boolean authenticate(Credential credential, SecurityContextMapper securityContextMapper)
throws AuthException {
if (!credential.isComplete()) {
logger.debug("Failed authentication, missing or empty headers");
return false;
}
// set the authenticationId of the user that is trying to authenticate
securityContextMapper.setAuthenticationId(credential.username);
try {
return authenticator.authenticate(
credential.username,
credential.password,
authnFilterHelper.getRouter().createServerContext());
} catch (ResourceException e) {
logger.debug(
"Failed delegated authentication of {} on {}.", credential.username, queryOnResource, e);
if (e.isServerError()) { // HTTP server-side error
throw new JaspiAuthException(
"Failed delegated authentication of " + credential.username + " on " + queryOnResource,
e);
}
// authentication failed
return false;
}
}