Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-2583

Make requestURI and Source-Address available from RealmSuccessfulAuthenticationEvent and RealmFailedAuthenticationEvent

XMLWordPrintable

      Source IP address

      The source IP address gets set by the ServerAuthenticationContext when handling the SocketAddressCallback and it gets added to the runtime attributes (also see SocketAddressCallbackServerMechanismFactory).

      Currently, it's possible to obtain the source IP address from only the RealmSuccessfulAuthenticationEvent using the authorizationIdentity as follows:

      event.getAuthorizationIdentity().getRuntimeAttributes().get("Source-Address")

      However, in the failed authentication case, the authorization identity won't get created and so it's not possible to obtain the source IP address from the authorization identity. I think the ServerAuthenticationContext state's runtimeAttributes would still contain the actual value though so we could check if we can obtain it that way and make it available from the event.

      Requested URL

      The host name and protocol for the current authentication request get set by the ServerAuthenticationContext when handling the MechanismInformationCallback (also see SetMechanismInformationMechanismFactory).

      Currently, it's not possible to obtain this information from either the successful or failed events. However, it seems like it should be possible to get this from the ServerAuthenticationContext state's mechanismInformation so we could check if we can obtain it that way and make it available from both events.

              dvilkola@redhat.com Diana Krepinska (Inactive)
              dvilkola@redhat.com Diana Krepinska (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: