Implementation of various authentication actions.
ClassDescriptionBase class for validation actions that includes new audit logging support.Manager of
AuthenticationFlowDescriptorobjects.Action that implements a JSON REST API for the
AccountLockoutManagerinterface.Implementation of the
ExternalAuthenticationAPI that handles moving information in and out of request attributes.TODO.An authentication stage that extracts a username/password from the WSS Username/Password attached to a SOAP message.An authentication action that filters out potential authentication flows if the request requires forced authentication or max age behavior and the flows don't support forced authentication.An authentication action that filters out potential authentication flows if the request requires non-browser support and the flows require a browser.Default merging strategy to combine individual
AuthenticationResultobjects into a single result.A password validator that authenticates against Apache htpasswd files.A password validator that authenticates against JAAS.A password validator that authenticates against Kerberos natively, with optional service ticket verification.A password validator that authenticates against LDAP natively.An action that extracts configured parameters from a servlet request and populates
AuthenticationContext.getAuthenticationStateMap()with the data.An implementation of the
JAASCredentialValidatorwhich uses a supplied map to resolve the JAAS config to use.Extracts authentication information from the request and returns it via the IdP's external authentication interface.An authentication action that selects an authentication flow to invoke, or re-uses an existing result for SSO.A canonicalization action that selects a canonicalization flow to invoke.A predicate that determines if this action can run or not.A function to generate a key for lockout storage.An authentication action that acts as the driver regulating execution of transitions between MFA stages.A default cleanup hook that removes the
UsernamePasswordContextfrom the tree.A default cleanup hook that removes a
CertificateContextfrom the tree.An action that executes a deployer-supplied function and produces an
AuthenticationResultbased on the function result.A predicate that determines if this action can run or not.Servlet compatible with the
ExternalAuthenticationinterface that extracts and validates an X.509 client certificate for user authentication.A credential validator that validates an X.509 certificate.Servlet filter to translate Apache mod_ssl certificate variables into Java servlet attributes.