Package io.hawt.web.auth

Class AuthenticationConfiguration

java.lang.Object
io.hawt.web.auth.AuthenticationConfiguration
public class AuthenticationConfiguration extends Object

  • Field Details

    • LOGIN_URL

      public static final String LOGIN_URL
      See Also:

    • UNSECURED_RESOURCE_PATHS

      public static final String[] UNSECURED_RESOURCE_PATHS
      Static resources paths, which should be always reachable.

    • UNSECURED_AUTHENTICATION_PATHS

      public static final String[] UNSECURED_AUTHENTICATION_PATHS
      Paths related to authentication process. /login path is actually a client-side router path, but Hawtio sometimes redirects (thus forcing server request) to this path for unified authentication experience. /auth/*, /user, /keycloak paths are actual servlet mappings.

    • UNSECURED_META_PATHS

      public static final String[] UNSECURED_META_PATHS
      Paths for configuration of the client (@hawtio/react) part.

    • UNSECURED_SERVLET_PATHS

      public static final String[] UNSECURED_SERVLET_PATHS
      API paths. These may be confusing:
      • should NOT be redirected to /login, but
      • should be protected otherwise (e.g., AuthenticationFilter)

    • UNSECURED_PATHS

      public static final String[] UNSECURED_PATHS
      Paths that shouldn't be redirected to /login when user is not authenticated.

    • AUTHENTICATION_ENABLED

      public static final String AUTHENTICATION_ENABLED
      Enable or disable Hawtio's authentication. Value should be boolean.
      See Also:

    • AUTH

      public static final String AUTH
      Shorthand for AUTHENTICATION_ENABLED.
      See Also:

    • AUTHENTICATION_THROTTLED

      public static final String AUTHENTICATION_THROTTLED
      Throttle authentication to protect Hawtio from brute force attacks.
      See Also:

    • REALM

      public static final String REALM
      JAAS realm used to authenticate users.
      See Also:

    • ROLES

      public static final String ROLES
      Authorized user roles. Empty string disables authorization.
      See Also:

    • ROLE_PRINCIPAL_CLASSES

      public static final String ROLE_PRINCIPAL_CLASSES
      JAAS class name that would contain the role principal. Empty string disables authorization.
      See Also:

    • NO_CREDENTIALS_401

      public static final String NO_CREDENTIALS_401
      Whether to return 401 on No Credentials authentication error. Value should be boolean.
      See Also:

    • AUTHENTICATION_CONTAINER_DISCOVERY_CLASSES

      public static final String AUTHENTICATION_CONTAINER_DISCOVERY_CLASSES
      AuthenticationContainerDiscovery classes divided by comma, which are used to discover container environments.
      See Also:

    • KEYCLOAK_ENABLED

      public static final String KEYCLOAK_ENABLED
      Enable or disable Keycloak integration. Value should be boolean.
      See Also:

    • OIDC_CLIENT_CONFIG

      public static final String OIDC_CLIENT_CONFIG
      Configuration property to specify a location for OIDC properties file.
      See Also:

    • HAWTIO_OIDC_CLIENT_CONFIG

      public static final String HAWTIO_OIDC_CLIENT_CONFIG
      See Also:

    • HAWTIO_AUTHENTICATION_ENABLED

      public static final String HAWTIO_AUTHENTICATION_ENABLED
      See Also:

    • HAWTIO_AUTH

      public static final String HAWTIO_AUTH
      See Also:

    • HAWTIO_AUTHENTICATION_THROTTLED

      public static final String HAWTIO_AUTHENTICATION_THROTTLED
      See Also:

    • HAWTIO_REALM

      public static final String HAWTIO_REALM
      See Also:

    • HAWTIO_ROLES

      public static final String HAWTIO_ROLES
      See Also:

    • HAWTIO_ROLE_PRINCIPAL_CLASSES

      public static final String HAWTIO_ROLE_PRINCIPAL_CLASSES
      See Also:

    • HAWTIO_NO_CREDENTIALS_401

      public static final String HAWTIO_NO_CREDENTIALS_401
      See Also:

    • HAWTIO_AUTH_CONTAINER_DISCOVERY_CLASSES

      public static final String HAWTIO_AUTH_CONTAINER_DISCOVERY_CLASSES
      See Also:

    • HAWTIO_KEYCLOAK_ENABLED

      public static final String HAWTIO_KEYCLOAK_ENABLED
      See Also:

    • AUTHENTICATION_CONFIGURATION

      public static final String AUTHENTICATION_CONFIGURATION
      See Also:

    • DEFAULT_REALM

      public static final String DEFAULT_REALM
      See Also:

    • DEFAULT_KARAF_ROLE_PRINCIPAL_CLASSES

      public static final String DEFAULT_KARAF_ROLE_PRINCIPAL_CLASSES
      See Also:

    • TOMCAT_AUTH_CONTAINER_DISCOVERY

      public static final String TOMCAT_AUTH_CONTAINER_DISCOVERY
      See Also:

  • Method Details

    • getConfiguration

      public static AuthenticationConfiguration getConfiguration(jakarta.servlet.ServletContext servletContext)

    • isEnabled

      public boolean isEnabled()

    • getThrottler

      public Optional<AuthenticationThrottler> getThrottler()

    • isNoCredentials401

      public boolean isNoCredentials401()

    • getRealm

      public String getRealm()

    • getRoles

      public String getRoles()

    • getRolePrincipalClasses

      public String getRolePrincipalClasses()

    • setRolePrincipalClasses

      public void setRolePrincipalClasses(String rolePrincipalClasses)

    • getDefaultRolePrincipalClass

      public Class<? extends Principal> getDefaultRolePrincipalClass()

    • getConfiguration

      public Configuration getConfiguration()

    • setConfiguration

      public void setConfiguration(Configuration configuration)

    • isKeycloakEnabled

      public boolean isKeycloakEnabled()

    • isOidcEnabled

      public boolean isOidcEnabled()

    • setSpringSecurityEnabled

      public void setSpringSecurityEnabled(boolean springSecurityEnabled)

    • isSpringSecurityEnabled

      public boolean isSpringSecurityEnabled()

    • isExternalAuthenticationEnabled

      public boolean isExternalAuthenticationEnabled()

    • configureOidc

      public void configureOidc()
      Initialize OIDC configuration, so it is available both in AuthConfigurationServlet and ContentSecurityPolicyFilter.

    • defaultOidcConfigLocation

      protected String defaultOidcConfigLocation()
      Similarly to Keycloak configuration, we'll try well-known configuration locations.
      Returns:
      config location to be used by default

    • getOidcConfiguration

      public OidcConfiguration getOidcConfiguration()

    • toString

      public String toString()
      Overrides:
      toString in class Object