org.keycloak.adapters.tomcat

Class AbstractKeycloakAuthenticatorValve

java.lang.Object

org.apache.catalina.valves.ValveBase

org.apache.catalina.authenticator.AuthenticatorBase

org.apache.catalina.authenticator.FormAuthenticator

org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve

All Implemented Interfaces:

MBeanRegistration, org.apache.catalina.Authenticator, org.apache.catalina.Contained, org.apache.catalina.Lifecycle, org.apache.catalina.LifecycleListener, org.apache.catalina.Valve

public abstract class AbstractKeycloakAuthenticatorValve
extends org.apache.catalina.authenticator.FormAuthenticator
implements org.apache.catalina.LifecycleListener

Keycloak authentication valve

Version:

$Revision: 1 $

Author:

Davide Ungari, Bill Burke

Field Summary

Fields

Modifier and Type	Field and Description
protected AdapterDeploymentContext	deploymentContext
protected NodesRegistrationManagement	nodesRegistrationManagement
static String	TOKEN_STORE_NOTE
protected CatalinaUserSessionManagement	userSessionManagement

Fields inherited from class org.apache.catalina.authenticator.FormAuthenticator

characterEncoding, info

Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase

algorithm, cache, changeSessionIdOnAuthentication, context, DEFAULT_ALGORITHM, digest, disableProxyCaching, entropy, lifecycle, random, randomClass, REALM_NAME, securePagesWithPragma, SESSION_ID_BYTES, sm, sso, started

Fields inherited from class org.apache.catalina.valves.ValveBase

container, containerLog, controller, domain, mserver, next, oname

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, DESTROY_EVENT, INIT_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

Constructors

Constructor and Description
AbstractKeycloakAuthenticatorValve()

Method Summary

Modifier and Type	Method and Description
protected boolean	authenticateInternal(org.apache.catalina.connector.Request request, javax.servlet.http.HttpServletResponse response, Object loginConfig)
protected void	beforeStop()
protected void	checkKeycloakSession(org.apache.catalina.connector.Request request, HttpFacade facade) Checks that access token is still valid.
protected abstract GenericPrincipalFactory	createPrincipalFactory()
protected CatalinaRequestAuthenticator	createRequestAuthenticator(org.apache.catalina.connector.Request request, CatalinaHttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore)
protected abstract boolean	forwardToErrorPageInternal(org.apache.catalina.connector.Request request, javax.servlet.http.HttpServletResponse response, Object loginConfig)
protected AdapterTokenStore	getTokenStore(org.apache.catalina.connector.Request request, HttpFacade facade, KeycloakDeployment resolvedDeployment)
void	invoke(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response)
void	keycloakInit()
boolean	keycloakRestoreRequest(org.apache.catalina.connector.Request request)
void	keycloakSaveRequest(org.apache.catalina.connector.Request request)
void	lifecycleEvent(org.apache.catalina.LifecycleEvent event)
protected void	logoutInternal(org.apache.catalina.connector.Request request)

Methods inherited from class org.apache.catalina.authenticator.FormAuthenticator

authenticate, forwardToErrorPage, forwardToLoginPage, getCharacterEncoding, getInfo, matchRequest, restoreRequest, savedRequestURL, saveRequest, setCharacterEncoding

Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase

addLifecycleListener, associate, findLifecycleListeners, generateSessionId, getAlgorithm, getCache, getChangeSessionIdOnAuthentication, getContainer, getDigest, getDisableProxyCaching, getEntropy, getRandom, getRandomClass, getSecurePagesWithPragma, reauthenticateFromSSO, register, removeLifecycleListener, setAlgorithm, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setEntropy, setRandomClass, setSecurePagesWithPragma, start, stop

Methods inherited from class org.apache.catalina.valves.ValveBase

backgroundProcess, createObjectName, event, getContainerName, getController, getDomain, getNext, getObjectName, getParentName, postDeregister, postRegister, preDeregister, preRegister, setController, setNext, setObjectName, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

TOKEN_STORE_NOTE

public static final String TOKEN_STORE_NOTE

See Also:

Constant Field Values

userSessionManagement

protected CatalinaUserSessionManagement userSessionManagement

deploymentContext

protected AdapterDeploymentContext deploymentContext

nodesRegistrationManagement

protected NodesRegistrationManagement nodesRegistrationManagement

Constructor Detail

AbstractKeycloakAuthenticatorValve

public AbstractKeycloakAuthenticatorValve()

Method Detail

lifecycleEvent

public void lifecycleEvent(org.apache.catalina.LifecycleEvent event)

Specified by:

lifecycleEvent in interface org.apache.catalina.LifecycleListener

logoutInternal

protected void logoutInternal(org.apache.catalina.connector.Request request)

beforeStop

protected void beforeStop()

keycloakInit

public void keycloakInit()

invoke

public void invoke(org.apache.catalina.connector.Request request,
                   org.apache.catalina.connector.Response response)
            throws IOException,
                   javax.servlet.ServletException

Specified by:

invoke in interface org.apache.catalina.Valve

Overrides:

invoke in class org.apache.catalina.authenticator.AuthenticatorBase

Throws:

IOException

javax.servlet.ServletException

createPrincipalFactory

protected abstract GenericPrincipalFactory createPrincipalFactory()

forwardToErrorPageInternal

protected abstract boolean forwardToErrorPageInternal(org.apache.catalina.connector.Request request,
                                                      javax.servlet.http.HttpServletResponse response,
                                                      Object loginConfig)
                                               throws IOException

Throws:

IOException

authenticateInternal

protected boolean authenticateInternal(org.apache.catalina.connector.Request request,
                                       javax.servlet.http.HttpServletResponse response,
                                       Object loginConfig)
                                throws IOException

Throws:

IOException

createRequestAuthenticator

protected CatalinaRequestAuthenticator createRequestAuthenticator(org.apache.catalina.connector.Request request,
                                                                  CatalinaHttpFacade facade,
                                                                  KeycloakDeployment deployment,
                                                                  AdapterTokenStore tokenStore)

checkKeycloakSession

protected void checkKeycloakSession(org.apache.catalina.connector.Request request,
                                    HttpFacade facade)

Checks that access token is still valid. Will attempt refresh of token if it is not.

Parameters:

request -

keycloakSaveRequest

public void keycloakSaveRequest(org.apache.catalina.connector.Request request)
                         throws IOException

Throws:

IOException

keycloakRestoreRequest

public boolean keycloakRestoreRequest(org.apache.catalina.connector.Request request)

getTokenStore

protected AdapterTokenStore getTokenStore(org.apache.catalina.connector.Request request,
                                          HttpFacade facade,
                                          KeycloakDeployment resolvedDeployment)