Class KeycloakAuthenticationPlugin
java.lang.Object
org.nuxeo.ecm.platform.ui.web.keycloak.KeycloakAuthenticationPlugin
- All Implemented Interfaces:
NuxeoAuthenticationPlugin
,NuxeoAuthenticationPluginLogoutExtension
public class KeycloakAuthenticationPlugin
extends Object
implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension
Authentication plugin for handling auth flow with Keyloack
- Since:
- 7.4
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
static final String
static final String
protected KeycloakAuthenticatorProvider
protected String
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionReturns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.handleLoginPrompt
(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL) Handles the Login Prompt.handleLogout
(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Handles logout operation.handleRetrieveIdentity
(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Retrieves user identification information from the request.void
initPlugin
(Map<String, String> parameters) Initializes the Plugin from parameters set in the XML descriptor.needLoginPrompt
(javax.servlet.http.HttpServletRequest httpRequest) Defines if the authentication plugin needs to do a login prompt.void
setKeycloakAuthenticatorProvider
(KeycloakAuthenticatorProvider keycloakAuthenticatorProvider)
-
Field Details
-
KEYCLOAK_CONFIG_FILE_KEY
- See Also:
-
KEYCLOAK_MAPPING_NAME_KEY
- See Also:
-
DEFAULT_MAPPING_NAME
- See Also:
-
keycloakAuthenticatorProvider
-
mappingName
-
-
Constructor Details
-
KeycloakAuthenticationPlugin
public KeycloakAuthenticationPlugin()
-
-
Method Details
-
initPlugin
Description copied from interface:NuxeoAuthenticationPlugin
Initializes the Plugin from parameters set in the XML descriptor.- Specified by:
initPlugin
in interfaceNuxeoAuthenticationPlugin
-
needLoginPrompt
Description copied from interface:NuxeoAuthenticationPlugin
Defines if the authentication plugin needs to do a login prompt.- Specified by:
needLoginPrompt
in interfaceNuxeoAuthenticationPlugin
- Returns:
- true if LoginPrompt is used
-
handleLoginPrompt
public Boolean handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL) Description copied from interface:NuxeoAuthenticationPlugin
Handles the Login Prompt.- Specified by:
handleLoginPrompt
in interfaceNuxeoAuthenticationPlugin
- Parameters:
httpRequest
- the requesthttpResponse
- the response- Returns:
- true if AuthFilter must stop execution (ie: login prompt generated a redirect), false otherwise
-
getUnAuthenticatedURLPrefix
Description copied from interface:NuxeoAuthenticationPlugin
Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.- Specified by:
getUnAuthenticatedURLPrefix
in interfaceNuxeoAuthenticationPlugin
-
handleRetrieveIdentity
public UserIdentificationInfo handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Description copied from interface:NuxeoAuthenticationPlugin
Retrieves user identification information from the request.- Specified by:
handleRetrieveIdentity
in interfaceNuxeoAuthenticationPlugin
- Parameters:
httpRequest
- the requesthttpResponse
- the response
-
handleLogout
public Boolean handleLogout(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Description copied from interface:NuxeoAuthenticationPluginLogoutExtension
Handles logout operation.Generic logout (killing session and Seam objects) is done by LogoutActionBean This interface must be implemented by auth plugin when the target auth system needs a specific logout procedure.
- Specified by:
handleLogout
in interfaceNuxeoAuthenticationPluginLogoutExtension
- Returns:
- true if caller must stop execution (ie: logout generated a redirect), false otherwise
-
setKeycloakAuthenticatorProvider
public void setKeycloakAuthenticatorProvider(KeycloakAuthenticatorProvider keycloakAuthenticatorProvider)
-