WSO2 - 在基本身份验证之前添加本地身份验证步骤 [英] WSO2 - Add local authentication step BEFORE basic auth
问题描述
WSO2 5.3.0.我试图在基本身份验证运行之前将本地身份验证步骤放入我的流程中.这是为了帮助升级我们的密码哈希算法(参见 我问的另一个问题)
WSO2 5.3.0. I am attempting to put in a local authentication step into my flow BEFORE basic auth runs. This is to aid in upgrading our password hashing algorithm (see this other question I asked)
我遇到的问题(我认为)是没有为我的新本地身份验证器调用initialAuthenticationRequest(因此当时用户名为空,基本身份验证器运行以弹出登录屏幕并填写,但是我的代码永远不会重新运行).
The problem (I think) I am running into is that the initiateAuthenticationRequest is not being called for my new local authenticator (so username is null at the time, the basic authenticator runs to pop the login screen and fill it in, but my code never reruns).
我的initialAuthenticationRequest 被跳过,因为canHandle 评估为真.如果该方法返回错误,则调用initialAuthenticationRequest(代码参考这里 )
My initiateAuthenticationRequest was being skipped because canHandle was evaluating to true. If the method returns false initiateAuthenticationRequest gets called (Code reference here )
我当前的难题是如何将 http 请求参数传递到下一步(BasicAuthenticator),以便我的登录屏幕不会出现两次.感谢您对此问题的任何帮助.
My current conundrum is how to pass the http request parameters onto the next step (the BasicAuthenticator) such that my login screen doesn't show up twice. Any help with this issue is appreciated.
EDIT 2:请求参数正在传递,但其他原因导致 BasicAuthenticator.initiateAuthenticationRequest 被调用(参见上面相同的代码参考).看起来是因为请求中的commonAuthHandled"属性设置为 true,但我找不到发生这种情况的地方,因此请帮助找到我目前正在寻找的内容
EDIT 2: The request parameters are being passed along, but something else is causing BasicAuthenticator.initiateAuthenticationRequest to be called (see same code reference above). It looks like it is because the attribute "commonAuthHandled" is set to true on the request, but I can't find where that's happening, so help finding THAT is what I'm currently looking for
推荐答案
我这里的解决方案是覆盖 process 方法(阅读 这段代码 更仔细地我意识到我的步骤是在处理其响应后将 commonAuthHandled 位切换回 true)
My solution here was to override the process method (after reading this code more carefully I realized that my step was toggling the commonAuthHandled bit back to true after processing its response)
有点笨拙,但似乎有效
这篇关于WSO2 - 在基本身份验证之前添加本地身份验证步骤的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
