All Classes and Interfaces
Class
Description
HttpServlet that handles configuration of OIDC authentication (MS Entra ID, generic Keycloak, other
OpenID Connect / OAuth2 providers).Authentication result
SPI to allow various containers to discover and hook up needed configuration
changes to
AuthenticationConfiguration so hawtio AuthenticationFilter
can integrate with the container easily.Filter for authentication.
This class implements authentication throttling to protect Hawtio
from brute force attacks.
Authenticator performs authentication using JAAS with the
LoginContext for the chosen realm.Helpers for authentication and authorization.
Helpers for authentication and authorization on HTTP sessions.
Represents a provider of a
ClassLoaderHelper class for creating instances of
ClassLoaderProviderA helper class to scan classes on the classpath
A filter that handles client-side routing URLs and redirects to login page depending on authentication state.
Configuration manager that provides Hawtio configuration properties.
https://developer.mozilla.org/ja/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
File DTO
A number of helper functions for creating
FileFilter objects on a File object.A simple API to a file lock
I emulate a non-existing operation jdk.management.jfr:type=FlightRecorder/downloadRecording(long)
executing a sequence of jolokia calls to methods on the FlightRecorder MBean
in order to continously write to the clients stream
This is important as flight recording files may be huge
When we move to Java 8 we can switch this to be java.util.function.Function
A
ServletContextListener which initialises key Hawtio services in the webapp.Copied from Fabric8 v1 io.fabric8.utils.HostUtils
Abstract servlet filter for applying HTTP headers to responses.
A collection of IO helpers
Helpers for JMX
Dummy version that implements JMXSecurityMBean that lets the current user
invoke anything
Snagged from Apache Karaf 3.x
A simple MBean to watch the JMX tree, so it's easy for clients to know when they should refresh
their JMX trees (which typically isn't a cheap operation).
Decorator class around Jolokia native AgentServlet.
Servlet, which aims to return:
- whether keycloak is enabled (true/false) if path '/enabled' is used
- keycloak.json to be used by keycloak JS adapter on frontend if path '/client-config' is used
- validate if current JAAS logged subject is same like SSO user logged through keycloak
if path '/validate-subject-matches' is used
Login servlet
Logout servlet
A helpful base class for MBeans
Some helper methods - though could be replaced by JDK 1.7 code now in java.util.Objects
whenever we are happy to ignore JDK 1.6
Configuration of OpenID Connect.
This login module operates on
Bearer token which contains OAuth2 Access Token.Hawtio plugin registry
Plugin servlet
Evaluates the predicate on the given value
Proxy address interface.
Allowlist manager for hawtio proxy.
A helper object to store the proxy location details
An HTTP reverse proxy/gateway servlet.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning
Cached MBean server invoker for
RBACRestrictor.Generally we do enhanced Jolokia
list operation, but if OSGi env is found we decorate the returned
objects with RBAC information.MBean that optimizes access to Karaf's RBAC services.
Jolokia restrictor that protects MBean server invocation inside Jolokia based on RBAC provided by
JMXSecurityMBean.Helper class to perform redirects and forwards which can also be made aware of the Hawtio context path configured for Spring Boot
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
URI path relative to a given index.
Simple principal to hold a role name of authenticated user (JAAS
Subject).Helpers for servlet
If the user has a session, this will ensure it will expire if the user hasn't clicked on any links
within the session expiry period
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
String utility.
To use Apache Tomcat using its conf/tomcat-users.xml for authentication.
Configuration class to avoid having to deal with jaas.config files in the classpath
A very simple Apache Tomcat
Principal.To use Apache Tomcat's conf/tomcat-users.xml user database as JAAS
LoginContext,
so hawtio can use that for its AuthenticationFilter.Returns the username associated with the current session, if any
A representation of OpenID Connect / OAuth2 access token.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
A helper method to get the namespaces on an XML file
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection