Package waffle.shiro.negotiate
Class NegotiateAuthenticationStrategy
java.lang.Object
org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
waffle.shiro.negotiate.NegotiateAuthenticationStrategy
- All Implemented Interfaces:
org.apache.shiro.authc.pam.AuthenticationStrategy
public class NegotiateAuthenticationStrategy
extends org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
Custom authentication strategy for the negotiate logic required for SSO/Negotiate auth realm
This strategy is needed when using
NegotiateAuthenticationRealm
. When the negotiate logic is executing, one of more round trips with the client
occur. When the NegotiateAuthenticationRealm
determines another handshake is needed, it throws the exception:
AuthenticationInProgressException
. This custom strategy detects this exception, and immediately re-throws it
so classes higher up in the call stack will allow the handshake to proceed. Without this added logic, the handshake
could be halted after the first connection by the existing error handling. This strategy is needed when using
NegotiateAuthenticationFilter
and more than one realm is configured in
shiro.ini. If only one realm is defined, the current error handling in
ModularRealmAuthenticator.doSingleRealmAuthentication(org.apache.shiro.realm.Realm, org.apache.shiro.authc.AuthenticationToken)
works fine without requiring this strategy. However, the current error handling in
ModularRealmAuthenticator.doMultiRealmAuthentication(java.util.Collection, org.apache.shiro.authc.AuthenticationToken)
does require the NegotiateAuthenticationStrategy
to ensure negotiate 'continue' calls will proceed. So for
now, the most reliable approach is to use this strategy.- Author:
- Dan Rollo Date: 3/18/13 Time: 3:31 PM
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionorg.apache.shiro.authc.AuthenticationInfo
afterAttempt
(org.apache.shiro.realm.Realm realm, org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo singleRealmInfo, org.apache.shiro.authc.AuthenticationInfo aggregateInfo, Throwable t) When the negotiate logic is executing, one of more round trips with the client occur.Methods inherited from class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
afterAllAttempts, beforeAllAttempts, beforeAttempt, merge
-
Constructor Details
-
NegotiateAuthenticationStrategy
public NegotiateAuthenticationStrategy()
-
-
Method Details
-
afterAttempt
public org.apache.shiro.authc.AuthenticationInfo afterAttempt(org.apache.shiro.realm.Realm realm, org.apache.shiro.authc.AuthenticationToken token, org.apache.shiro.authc.AuthenticationInfo singleRealmInfo, org.apache.shiro.authc.AuthenticationInfo aggregateInfo, Throwable t) When the negotiate logic is executing, one of more round trips with the client occur. When thenegotiate realm
determines another handshake is needed, it throws the exception:AuthenticationInProgressException
. This custom strategy detects this exception, and immediately re-throws it so classes higher up in the call stack will allow the handshake to proceed. Without this added logic, the handshake would be halted after the first connection by the existing error handling.- Specified by:
afterAttempt
in interfaceorg.apache.shiro.authc.pam.AuthenticationStrategy
- Overrides:
afterAttempt
in classorg.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-