Class ModifiedDefaultSecurityLogic<R, C extends org.pac4j.core.context.WebContext>

  • All Implemented Interfaces:
    org.pac4j.core.engine.SecurityLogic

    public class ModifiedDefaultSecurityLogic<R, C extends org.pac4j.core.context.WebContext>
    extends org.pac4j.core.engine.DefaultSecurityLogic

    Default security logic:

    If the HTTP request matches the matchers configuration (or no matchers are defined), security is applied. Otherwise, the user is automatically granted access.

    First, if the user is not authenticated (no profile) and some clients have been defined in the clients parameter, a login is attempted with the direct clients.

    Then, if the user has a profile, authorizations are checked according to the authorizers configuration. If the authorizations are valid, the user is granted access. Otherwise, a 403 error page is displayed.

    Finally, if the user is still not authenticated (no profile), they are redirected to the appropriate identity provider if the first defined client in the clients configuration is an indirect one. Otherwise, a 401 error page is displayed.
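
The decision order described above, as an added, simplified model. It is not pac4j's or this project's code: the class, enum and parameter names are hypothetical, no pac4j API is called, and the sample cases in `main` are constructed.

```java
import java.util.Optional;

// Simplified, self-contained model of the documented decision order.
// All names are hypothetical; this does not use pac4j.
public class SecurityDecisionModel {
    enum Outcome { GRANTED, FORBIDDEN_403, REDIRECT_TO_IDP, UNAUTHORIZED_401 }

    static Outcome decide(boolean matchersDefined, boolean requestMatches,
                          Optional<String> existingProfile,      // profile already held for the user
                          Optional<String> directClientProfile,  // what a direct client would extract
                          boolean clientsDefined, boolean firstClientIndirect,
                          boolean authorizersPass) {
        // Matchers: a request they do not cover is granted with no further checks.
        if (matchersDefined && !requestMatches) {
            return Outcome.GRANTED;
        }
        // No profile yet and clients are defined: attempt a login with the direct clients.
        Optional<String> profile = existingProfile;
        if (!profile.isPresent() && clientsDefined) {
            profile = directClientProfile;
        }
        // A profile exists: the authorizers decide between access and 403.
        if (profile.isPresent()) {
            return authorizersPass ? Outcome.GRANTED : Outcome.FORBIDDEN_403;
        }
        // Still anonymous: redirect only if the first client is indirect, otherwise 401.
        return (clientsDefined && firstClientIndirect)
                ? Outcome.REDIRECT_TO_IDP : Outcome.UNAUTHORIZED_401;
    }

    public static void main(String[] args) {
        Optional<String> none = Optional.empty();
        Optional<String> alice = Optional.of("alice"); // constructed sample profile
        // Request outside the matchers, anonymous user, authorizers would fail.
        System.out.println(decide(true, false, none, none, true, true, false));
        // Matched request, direct client yields a profile, authorizers fail.
        System.out.println(decide(true, true, none, alice, true, false, false));
        // Matched request, no profile, first client is indirect.
        System.out.println(decide(false, true, none, none, true, true, true));
        // Matched request, no profile, first client is direct.
        System.out.println(decide(false, true, none, none, true, false, true));
    }
}
```

The first branch is the one to review in a deployment: any path the matchers do not cover is served without authentication or authorization.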

    • Method Summary

      • Methods inherited from class org.pac4j.core.engine.DefaultSecurityLogic

        forbidden, getAuthorizationChecker, getClientFinder, getMatchingChecker, getProfileStorageDecision, getSavedRequestHandler, perform, redirectToIdentityProvider, saveRequestedUrl, setAuthorizationChecker, setClientFinder, setMatchingChecker, setProfileStorageDecision, setSavedRequestHandler, startAuthentication, toString, unauthorized
      • Methods inherited from class org.pac4j.core.engine.AbstractExceptionAwareLogic

        getErrorUrl, handleException, runtimeException, setErrorUrl
      • Methods inherited from class org.pac4j.core.profile.factory.ProfileManagerFactoryAware

        getProfileManager, getProfileManagerFactory, setProfileManagerFactory
    • Constructor Detail

      • ModifiedDefaultSecurityLogic

        public ModifiedDefaultSecurityLogic()