{"id":26880862,"url":"https://github.com/nickscha/servlet-auth","last_synced_at":"2025-03-31T14:50:43.563Z","repository":{"id":278756069,"uuid":"92868729","full_name":"nickscha/servlet-auth","owner":"nickscha","description":"A simplistic servlet example project for programmatic authentication","archived":false,"fork":false,"pushed_at":"2017-10-16T09:51:50.000Z","size":29,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-02-21T14:35:53.157Z","etag":null,"topics":["authentication","jsf","sample-app","sample-code","servlet","webapp"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nickscha.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-05-30T19:29:46.000Z","updated_at":"2024-05-18T23:49:06.000Z","dependencies_parsed_at":"2025-02-21T14:35:56.520Z","dependency_job_id":"bedec08a-1ecd-4dd2-a999-68c8a758fd71","html_url":"https://github.com/nickscha/servlet-auth","commit_stats":null,"previous_names":["nickscha/servlet-auth"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickscha%2Fservlet-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickscha%2Fservlet-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickscha%2Fservlet-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickscha%2Fservlet-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nickscha","download_url":"https://codeload.github.com/nickscha/servlet-auth/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246485905,"owners_count":20785420,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","jsf","sample-app","sample-code","servlet","webapp"],"created_at":"2025-03-31T14:50:42.940Z","updated_at":"2025-03-31T14:50:43.554Z","avatar_url":"https://github.com/nickscha.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# servlet-auth\r\n\r\n![Build Status](https://travis-ci.org/nickscha/servlet-auth.svg?branch=master)\r\n![Size](https://reposs.herokuapp.com/?path=nickscha/servlet-auth)\r\n![License](https://img.shields.io/hexpm/l/plug.svg)\r\n\r\nA simplistic servlet example project for custom programmatic authentication.  \r\n\r\nWhen JASPIC, Container, JAAS, Identity Stores (Keycloak, ...) do not fit with your requirements this can be an alternative. You write your custom authentication code once and you can deploy it to every available container which supports your targeted servlet specification. \r\n \r\nPlease note: For EE Containers EJB Security won't work. \r\n \r\n## Installation\r\n* Download, Build with Maven and deploy it to any container with servlet capabilities\r\n* Open your browser and go to localhost:8080/servlet-auth\r\n* The login page will automatically popup\r\n* Enter test=test as user and password\r\n* MyLoginModule class will be invoked and MyCustomPrincipal will be set\r\n### Launch project with embedded jetty\r\n```\r\n  mvn jetty:run-war\r\n```\r\n\r\n### Requirements\r\n\r\n* Java 8 or later\r\n* A container with servlet 3.1 support\r\n\r\n### Tested with\r\n* Tomcat 8.5.15\r\n* Jetty 9.4.6\r\n* Wildfly 10\r\n* Payara 172\r\n \r\n \r\n## Classes and responsibilities\r\n\r\n### AuthenticationRequestFilter\r\nThis Servlet fiter is invoked for all requests on your webapp and checks if you're logged in and authorized to access an page, resource, image, ... If not you'll be redirected to the login page. \r\n\r\n### AuthenticationRequestWrapper\r\nThis request wrapper will override methods such as request::getUserPrincipal, request::isUserInRole(String), request::getRemoteUser() so that you get your custom principal, roles will be assigned whenever you call them on your webapp.\r\n\r\nNotice: These methods will also work available in JSF for the FacesContext (e.g. ExternalContext::getUserPrincipal)\r\n\r\n### MyLoginServlet (path=/login, action=post)\r\nAuthenticates the user and in this sample project creates the MyCustomPrincipal object. Delegate to your custom authentication (LDAP, ...) here.\r\n\r\n### MyLogoutServlet (path=/logout, action=post)\r\nInvalidates the Http Session.\r\n \r\n \r\n## Further Stuff\r\n\r\n### CDI @Inject MyCustomPrincipal\r\nUse the following code (JSF + CDI):\r\n\r\n```java\r\n  @Produces\r\n  public MyCustomPrincipal producePrincipal(){\r\n    // getRemoteUser, isCallerInRole will also work as usual\r\n    return FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal();\r\n  }\r\n```\r\n\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnickscha%2Fservlet-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnickscha%2Fservlet-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnickscha%2Fservlet-auth/lists"}