public AuthenticationConfiguration()

in hawtio-system/src/main/java/io/hawt/web/auth/AuthenticationConfiguration.java [63:136]

• 63 lines of code
• 19 McCabe index (conditional complexity)

    public AuthenticationConfiguration(ServletContext servletContext) {
        ConfigManager config = (ConfigManager) servletContext.getAttribute(ConfigManager.CONFIG_MANAGER);

        String defaultRolePrincipalClasses = "";

        if (System.getProperty("karaf.name") != null) {
            defaultRolePrincipalClasses = DEFAULT_KARAF_ROLE_PRINCIPAL_CLASSES;
        }

        String authDiscoveryClasses = TOMCAT_AUTH_CONTAINER_DISCOVERY;

        if (config != null) {
            this.realm = config.get(REALM, DEFAULT_REALM);
            // we have either role or roles
            String roles = config.get(ROLE, null);
            if (roles == null) {
                roles = config.get(ROLES, null);
            }
            if (roles == null) {
                // use default roles (karaf roles)
                roles = DEFAULT_KARAF_ROLES;
            }
            this.role = roles;
            this.rolePrincipalClasses = config.get(ROLE_PRINCIPAL_CLASSES, defaultRolePrincipalClasses);
            this.enabled = config.getBoolean(AUTHENTICATION_ENABLED, true);
            this.noCredentials401 = config.getBoolean(NO_CREDENTIALS_401, false);
            this.keycloakEnabled = this.enabled && config.getBoolean(KEYCLOAK_ENABLED, false);

            authDiscoveryClasses = config.get(AUTHENTICATION_CONTAINER_DISCOVERY_CLASSES, authDiscoveryClasses);
        }

        // JVM system properties can override always
        if (System.getProperty(HAWTIO_AUTHENTICATION_ENABLED) != null) {
            this.enabled = Boolean.getBoolean(HAWTIO_AUTHENTICATION_ENABLED);
        }
        if (System.getProperty(HAWTIO_NO_CREDENTIALS_401) != null) {
            this.noCredentials401 = Boolean.getBoolean(HAWTIO_NO_CREDENTIALS_401);
        }
        if (System.getProperty(HAWTIO_REALM) != null) {
            this.realm = System.getProperty(HAWTIO_REALM);
        }
        if (System.getProperty(HAWTIO_ROLE) != null) {
            this.role = System.getProperty(HAWTIO_ROLE);
        }
        if (System.getProperty(HAWTIO_ROLES) != null) {
            this.role = System.getProperty(HAWTIO_ROLES);
        }
        if (System.getProperty(HAWTIO_ROLE_PRINCIPAL_CLASSES) != null) {
            this.rolePrincipalClasses = System.getProperty(HAWTIO_ROLE_PRINCIPAL_CLASSES);
        }
        if (System.getProperty(HAWTIO_KEYCLOAK_ENABLED) != null) {
            this.keycloakEnabled = this.enabled && Boolean.getBoolean(HAWTIO_KEYCLOAK_ENABLED);
        }
        if (System.getProperty(HAWTIO_AUTH_CONTAINER_DISCOVERY_CLASSES) != null) {
            authDiscoveryClasses = System.getProperty(HAWTIO_AUTH_CONTAINER_DISCOVERY_CLASSES);
        }

        if (this.enabled) {
            List<AuthenticationContainerDiscovery> discoveries = getDiscoveries(authDiscoveryClasses);
            for (AuthenticationContainerDiscovery discovery : discoveries) {
                if (discovery.canAuthenticate(this)) {
                    LOG.info("Discovered container {} to use with hawtio authentication filter", discovery.getContainerName());
                    break;
                }
            }
        }

        if (this.enabled) {
            LOG.info("Starting hawtio authentication filter, JAAS realm: \"{}\" authorized role(s): \"{}\" role principal classes: \"{}\"",
                     this.realm, this.role, this.rolePrincipalClasses);
        } else {
            LOG.info("Starting hawtio authentication filter, JAAS authentication disabled");
        }
    }