private void doAuth( HttpServletRequest req, HttpServletResponse rsp, Deque<AuthenticationProfile> stack) throws IOException, ServletException { boolean stop = false; while (!stop && !stack.isEmpty()) { AuthenticationProfile profile = stack.peek(); ExtMap output = profile .getAuthn() .invoke( new ExtMap() .mput(Base.InvokeKeys.COMMAND, Authn.InvokeCommands.AUTHENTICATE_NEGOTIATE) .mput(Authn.InvokeKeys.HTTP_SERVLET_REQUEST, req) .mput(Authn.InvokeKeys.HTTP_SERVLET_RESPONSE, rsp)); switch (output.<Integer>get(Authn.InvokeKeys.RESULT)) { case Authn.AuthResult.SUCCESS: req.setAttribute( FiltersHelper.Constants.REQUEST_AUTH_RECORD_KEY, output.<ExtMap>get(Authn.InvokeKeys.AUTH_RECORD)); req.setAttribute(FiltersHelper.Constants.REQUEST_AUTH_TYPE_KEY, AuthType.NEGOTIATION); req.setAttribute(FiltersHelper.Constants.REQUEST_PROFILE_KEY, profile.getName()); stack.clear(); break; case Authn.AuthResult.NEGOTIATION_UNAUTHORIZED: stack.pop(); break; case Authn.AuthResult.NEGOTIATION_INCOMPLETE: stop = true; break; default: log.error( "Unexpected authentication result. AuthResult code is {}", output.<Integer>get(Authn.InvokeKeys.RESULT)); stack.pop(); break; } } }
private synchronized void cacheNegotiatingProfiles() { schemes = new ArrayList<>(); profiles = new ArrayList<>(); for (AuthenticationProfile profile : AuthenticationProfileRepository.getInstance().getProfiles()) { ExtMap authnContext = profile.getAuthn().getContext(); if ((authnContext.<Long>get(Authn.ContextKeys.CAPABILITIES).longValue() & caps) != 0) { profiles.add(profile); schemes.addAll( authnContext.<Collection<String>>get( Authn.ContextKeys.HTTP_AUTHENTICATION_SCHEME, Collections.<String>emptyList())); } } Collections.sort( profiles, new Comparator<AuthenticationProfile>() { @Override public int compare(AuthenticationProfile o1, AuthenticationProfile o2) { return Integer.compare(o1.getNegotiationPriority(), o2.getNegotiationPriority()); } }); }