Package org.keycloak.authentication.authenticators.browser

Class SpnegoAuthenticator

java.lang.Object
org.keycloak.authentication.AbstractFormAuthenticator
org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator
org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator
All Implemented Interfaces:
Authenticator, Provider
public class SpnegoAuthenticator extends AbstractUsernameFormAuthenticator implements Authenticator
Version:
$Revision: 1 $
Author:
Bill Burke

  • Field Details

    • bypassChallengeJavascript

      public static boolean bypassChallengeJavascript

  • Constructor Details

    • SpnegoAuthenticator

      public SpnegoAuthenticator()

  • Method Details

    • requiresUser

      public boolean requiresUser()
      Description copied from interface: Authenticator
      Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?
      Specified by:
      requiresUser in interface Authenticator
      Returns:

    • action

      public void action(AuthenticationFlowContext context)
      Description copied from interface: Authenticator
      Called from a form action invocation.
      Specified by:
      action in interface Authenticator
      Overrides:
      action in class AbstractUsernameFormAuthenticator

    • authenticate

      public void authenticate(AuthenticationFlowContext context)
      Description copied from interface: Authenticator
      Initial call for the authenticator. This method should check the current HTTP request to determine if the request satisfies the Authenticator's requirements. If it doesn't, it should send back a challenge response by calling the AuthenticationFlowContext.challenge(Response). If this challenge is a authentication, the action URL of the form must point to /realms/{realm}/login-actions/authenticate?code={session-code}&execution={executionId} or /realms/{realm}/login-actions/registration?code={session-code}&execution={executionId} {session-code} pertains to the code generated from AuthenticationFlowContext.generateAccessCode(). The {executionId} pertains to the AuthenticationExecutionModel.getId() value obtained from AuthenticationFlowContext.getExecution(). The action URL will invoke the action() method described below.
      Specified by:
      authenticate in interface Authenticator

    • optionalChallengeRedirect

      protected jakarta.ws.rs.core.Response optionalChallengeRedirect(AuthenticationFlowContext context, String negotiateHeader)
      401 challenge sent back that bypasses
      Parameters:
      context -
      negotiateHeader -
      Returns:

    • configuredFor

      public boolean configuredFor(KeycloakSession session, RealmModel realm, UserModel user)
      Description copied from interface: Authenticator
      Is this authenticator configured for this user.
      Specified by:
      configuredFor in interface Authenticator
      Returns:

    • setRequiredActions

      public void setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user)
      Description copied from interface: Authenticator
      Set actions to configure authenticator
      Specified by:
      setRequiredActions in interface Authenticator

    • close

      public void close()
      Specified by:
      close in interface Provider
      Overrides:
      close in class AbstractFormAuthenticator