tag:blogger.com,1999:blog-1664815147767077843.post7519027650669464727..comments2023-11-23T09:26:55.908+00:00Comments on Darran's WildFly Blog: WildFly Elytron - Implementing a Custom HTTP Authentication Mechanismdarranlhttp://www.blogger.com/profile/14963190647257703296noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-1664815147767077843.post-2972505685312085392021-05-18T07:10:26.370+01:002021-05-18T07:10:26.370+01:00Can we perform authentication with LDAP here? Can we perform authentication with LDAP here? Ashishhttps://www.blogger.com/profile/08930972915594959827noreply@blogger.comtag:blogger.com,1999:blog-1664815147767077843.post-15565139215997749892019-03-08T14:10:06.625+00:002019-03-08T14:10:06.625+00:00Found it -> The HttpServerExchange is available...Found it -> The HttpServerExchange is available as one of the map entries on the MessageInfo instance passed into the validateRequest() method.Anonymoushttps://www.blogger.com/profile/14580982680405014549noreply@blogger.comtag:blogger.com,1999:blog-1664815147767077843.post-6145269381781493962019-03-07T14:17:42.372+00:002019-03-07T14:17:42.372+00:00Hi Darran,
I understand the concept presented her...Hi Darran,<br /><br />I understand the concept presented here i.e. implementing a custom authentication mechanism and then configuring this against the security domain.<br /><br />But is it possible to force the ssl_renegotiate from a custom jaspic implementation associated with the security domain configured within standalone-full.xml?<br /><br />Previously with the HTTPClientCertServerAuthModule on JBoss using tomcat the following call could be made to force the renegotiation:<br />request.getCoyoteRequest().action(ActionCode.ACTION_REQ_SSL_CERTIFICATE, null);<br /><br />This was possible because the apache catalina api exposed this on their Request class.<br /><br />Alternately is there a way to obtain the HttpServerExchange within the custom JASPIC implementation? This would allow me to obtain the SSLSessionInfo instance and then obtain the peer certificates or renegotiate for these.<br /><br />Thanks.Anonymoushttps://www.blogger.com/profile/14580982680405014549noreply@blogger.com