Package org.keycloak.authentication.authenticators.x509

Class ValidateX509CertificateUsername

java.lang.Object

org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator

org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateDirectGrantAuthenticator

org.keycloak.authentication.authenticators.x509.ValidateX509CertificateUsername

All Implemented Interfaces:

org.keycloak.authentication.Authenticator, org.keycloak.provider.Provider

public class ValidateX509CertificateUsername
extends AbstractX509ClientCertificateDirectGrantAuthenticator

Version:

$Revision: 1 $

Author:

Peter Nalyvayko

Nested Class Summary

Nested classes/interfaces inherited from class org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator

AbstractX509ClientCertificateAuthenticator.CertificateValidatorConfigBuilder, AbstractX509ClientCertificateAuthenticator.UserIdentityExtractorBuilder, AbstractX509ClientCertificateAuthenticator.UserIdentityToModelMapperBuilder

Field Summary

Fields

Modifier and Type	Field	Description
protected static ServicesLogger	logger

Fields inherited from class org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator

CANONICAL_DN, CERTIFICATE_EXTENDED_KEY_USAGE, CERTIFICATE_KEY_USAGE, CERTIFICATE_POLICY, CERTIFICATE_POLICY_MODE, CERTIFICATE_POLICY_MODE_ALL, CERTIFICATE_POLICY_MODE_ANY, CONFIRMATION_PAGE_DISALLOWED, CRL_RELATIVE_PATH, CUSTOM_ATTRIBUTE_NAME, DEFAULT_ATTRIBUTE_NAME, ENABLE_CRL, ENABLE_CRLDP, ENABLE_OCSP, MAPPING_SOURCE_CERT_CERTIFICATE_PEM, MAPPING_SOURCE_CERT_ISSUERDN, MAPPING_SOURCE_CERT_SERIALNUMBER, MAPPING_SOURCE_CERT_SERIALNUMBER_ISSUERDN, MAPPING_SOURCE_CERT_SHA256_THUMBPRINT, MAPPING_SOURCE_CERT_SUBJECTALTNAME_EMAIL, MAPPING_SOURCE_CERT_SUBJECTALTNAME_OTHERNAME, MAPPING_SOURCE_CERT_SUBJECTDN, MAPPING_SOURCE_CERT_SUBJECTDN_CN, MAPPING_SOURCE_CERT_SUBJECTDN_EMAIL, MAPPING_SOURCE_SELECTION, OCSP_FAIL_OPEN, OCSPRESPONDER_CERTIFICATE, OCSPRESPONDER_URI, REGULAR_EXPRESSION, REVALIDATE_CERTIFICATE, SERIALNUMBER_HEX, TIMESTAMP_VALIDATION, USER_ATTRIBUTE_MAPPER, USER_MAPPER_SELECTION, USERNAME_EMAIL_MAPPER

Constructor Summary

Constructors

Constructor	Description
ValidateX509CertificateUsername()

Method Summary

Modifier and Type	Method	Description
void	action(org.keycloak.authentication.AuthenticationFlowContext context)
void	authenticate(org.keycloak.authentication.AuthenticationFlowContext context)

Methods inherited from class org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateDirectGrantAuthenticator

errorResponse

Methods inherited from class org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticator

certificateValidationParameters, close, configuredFor, createInfoResponse, getCertificateChain, getUserIdentityExtractor, getUserIdentityToModelMapper, recordX509CertificateAuditDataViaContextEvent, requiresUser, saveX509CertificateAuditDataToAuthSession, setRequiredActions

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.authentication.Authenticator

areRequiredActionsEnabled, getRequiredActions

Field Detail

logger

protected static ServicesLogger logger

Constructor Detail

ValidateX509CertificateUsername

public ValidateX509CertificateUsername()

Method Detail

authenticate

public void authenticate(org.keycloak.authentication.AuthenticationFlowContext context)

action

public void action(org.keycloak.authentication.AuthenticationFlowContext context)

Specified by:

action in interface org.keycloak.authentication.Authenticator

Overrides:

action in class AbstractX509ClientCertificateDirectGrantAuthenticator