Undertow support for form-based authentications ?

[albert-kam]

Dear StubbornJava, i'm really glad i stumbled on your web !

I'm thinking on using undertow for my next project and..

1. I have been thinking about self implementing cookie-based sessions with a simple logic where upon login, a unique session id is generated and stored in the cookie + on every request there's a handler to check on this whether it exists to continue processing or redirect to login page for the protected routes.

2. Logout will just clear the cookie and remove the session, which for now i will store in-mem, maybe will just change into redis or something else.

3. And there will be protected routes, and there are non-protected ones.

Do you happen to have any examples for these, or maybe there's already an existing custom handler in the undertow library that can deal with this ?

I have checked pac4j-undertow but i'm looking for something more simpler for now, because i dont need integrations with 3rd party accounts yet.

I'd appreciate any pointers or links to other tutorials if you happen to know any.

Big thanks !

[billoneil]

pac4j-undertow does support form based authentication as well as other 3rd party providers. I think there might be some form based examples in the undertow repo using the identity API.

I also wrote my own very simple and custom form based auth that bypasses the standard APIs. I'll see if I can copy that to a usable example for you when I get a chance.