12.3.6. Write Your Own Authentication Scheme

Prev
PicketLink Reference Documentation
Next

⁠12.3.6. Write Your Own Authentication Scheme

If none of the built-in authentication schemes fullfil your requirements, you can always provide your own implementation.

To configure your custom authentication scheme you just need to:

httpBuilder
    .forPath("/authenticate")
        .authenticateWith()
            .scheme(MyCustomAuthenticationScheme.class);

Authentication scheme implementations are simple Java types that implements the org.picketlink.http.authentication.HttpAuthenticationScheme interface.

public class MyCustomAuthenticationScheme implements HttpAuthenticationScheme {

    @Override
    public void initialize(AuthenticationSchemeConfiguration config) {

    }

    @Override
    public void extractCredential(HttpServletRequest request, DefaultLoginCredentials creds) {
    // use this method to extract credentials from request and set them into DefaultLoginCredentials
    }

    @Override
    public void challengeClient(HttpServletRequest request, HttpServletResponse response) {
    // use this method to challenge client for credentials
    }

    @Override
    public void onPostAuthentication(HttpServletRequest request, HttpServletResponse response) {
    // use this method to perform any logic after an authentication attempt
    }
}

Authentication scheme types are just regular CDI beans.

Report a bug