问题
WSO2 5.3.0. I am attempting to put in a local authentication step into my flow BEFORE basic auth runs. This is to aid in upgrading our password hashing algorithm (see this other question I asked)
The problem (I think) I am running into is that the initiateAuthenticationRequest is not being called for my new local authenticator (so username is null at the time, the basic authenticator runs to pop the login screen and fill it in, but my code never reruns).
EDIT: My initiateAuthenticationRequest was being skipped because canHandle was evaluating to true. If the method returns false initiateAuthenticationRequest gets called (Code reference here )
My current conundrum is how to pass the http request parameters onto the next step (the BasicAuthenticator) such that my login screen doesn't show up twice. Any help with this issue is appreciated.
EDIT 2: The request parameters are being passed along, but something else is causing BasicAuthenticator.initiateAuthenticationRequest to be called (see same code reference above). It looks like it is because the attribute "commonAuthHandled" is set to true on the request, but I can't find where that's happening, so help finding THAT is what I'm currently looking for
回答1:
My solution here was to override the process method (after reading this code more carefully I realized that my step was toggling the commonAuthHandled bit back to true after processing its response)
A little hacky, but it seems to be working
来源:https://stackoverflow.com/questions/56395783/wso2-add-local-authentication-step-before-basic-auth