cbSecurity_onInvalidAuthentication
cbSecurity_onInvalidAuthorization
interceptData
struct in each interception call:ip
: The offending IP addressrule
: The security rule intercepted or empty if annotationssettings
: The firewall settingsvalidatorResults
: The validator resultsannotationType
: The annotation type intercepted, handler
or action
or empty if rule drivenprocessActions
: A Boolean indicator that defaults to true. If you change this to false, then the interceptor won't fire the invalid actions. Usually this means, you manually will do them.processActions
which defaults to true. This Boolean indicator tells the firewall to process the invalid authentication/authorization procedures. If you change this value to false, then the firewall will do NOTHING because it is expecting for YOU to have done the actions.cbSecurity_onJWTCreation
cbSecurity_onJWTInvalidation
cbSecurity_onJWTValidAuthentication
cbSecurity_onJWTInvalidUser
cbSecurity_onJWTInvalidClaims
cbSecurity_onJWTExpiration
cbSecurity_onJWTStorageRejection
cbSecurity_onJWTValidParsing
cbSecurity_onJWTInvalidateAllTokens
preAuthentication
and postAuthentication
events fire during the standard authenticate()
method call with a username and password. The preLogin
and postLogin
events fire during the login()
method call. The preLogout
and postLogout
events fire during the logout()
method call.preLogin
and postLogin
interception points will be called during the course of authenticate()
. The order of the calls then are preAuthentication
-> preLogin
-> postLogin
-> postAuthentication
.