Package io.undertow.security.impl
Class DigestAuthenticationMechanism
- java.lang.Object
-
- io.undertow.security.impl.DigestAuthenticationMechanism
-
- All Implemented Interfaces:
AuthenticationMechanism
public class DigestAuthenticationMechanism extends Object implements AuthenticationMechanism
HttpHandler
to handle HTTP Digest authentication, both according to RFC-2617 and draft update to allow additional algorithms to be used.- Author:
- Darran Lofthouse
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
DigestAuthenticationMechanism.Factory
-
Nested classes/interfaces inherited from interface io.undertow.security.api.AuthenticationMechanism
AuthenticationMechanism.AuthenticationMechanismOutcome, AuthenticationMechanism.ChallengeResult
-
-
Field Summary
Fields Modifier and Type Field Description static AuthenticationMechanismFactory
FACTORY
-
Constructor Summary
Constructors Constructor Description DigestAuthenticationMechanism(String realmName, String domain, String mechanismName)
DigestAuthenticationMechanism(String realmName, String domain, String mechanismName, IdentityManager identityManager)
DigestAuthenticationMechanism(List<DigestAlgorithm> supportedAlgorithms, List<DigestQop> supportedQops, String realmName, String domain, NonceManager nonceManager)
DigestAuthenticationMechanism(List<DigestAlgorithm> supportedAlgorithms, List<DigestQop> supportedQops, String realmName, String domain, NonceManager nonceManager, String mechanismName)
DigestAuthenticationMechanism(List<DigestAlgorithm> supportedAlgorithms, List<DigestQop> supportedQops, String realmName, String domain, NonceManager nonceManager, String mechanismName, IdentityManager identityManager)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AuthenticationMechanism.AuthenticationMechanismOutcome
authenticate(HttpServerExchange exchange, SecurityContext securityContext)
Perform authentication of the request.void
sendAuthenticationInfoHeader(HttpServerExchange exchange)
AuthenticationMechanism.ChallengeResult
sendChallenge(HttpServerExchange exchange, SecurityContext securityContext)
Send an authentication challenge to the remote client.
-
-
-
Field Detail
-
FACTORY
public static final AuthenticationMechanismFactory FACTORY
-
-
Constructor Detail
-
DigestAuthenticationMechanism
public DigestAuthenticationMechanism(List<DigestAlgorithm> supportedAlgorithms, List<DigestQop> supportedQops, String realmName, String domain, NonceManager nonceManager)
-
DigestAuthenticationMechanism
public DigestAuthenticationMechanism(List<DigestAlgorithm> supportedAlgorithms, List<DigestQop> supportedQops, String realmName, String domain, NonceManager nonceManager, String mechanismName)
-
DigestAuthenticationMechanism
public DigestAuthenticationMechanism(List<DigestAlgorithm> supportedAlgorithms, List<DigestQop> supportedQops, String realmName, String domain, NonceManager nonceManager, String mechanismName, IdentityManager identityManager)
-
DigestAuthenticationMechanism
public DigestAuthenticationMechanism(String realmName, String domain, String mechanismName)
-
DigestAuthenticationMechanism
public DigestAuthenticationMechanism(String realmName, String domain, String mechanismName, IdentityManager identityManager)
-
-
Method Detail
-
authenticate
public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext)
Description copied from interface:AuthenticationMechanism
Perform authentication of the request. Any potentially blocking work should be performed in the handoff executor provided- Specified by:
authenticate
in interfaceAuthenticationMechanism
- Parameters:
exchange
- The exchange- Returns:
-
sendChallenge
public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext)
Description copied from interface:AuthenticationMechanism
Send an authentication challenge to the remote client.The individual mechanisms should update the response headers and body of the message as appropriate however they should not set the response code, instead that should be indicated in the
AuthenticationMechanism.ChallengeResult
and the most appropriate overall response code will be selected. This method should not returnnull
.- Specified by:
sendChallenge
in interfaceAuthenticationMechanism
- Parameters:
exchange
- The exchangesecurityContext
- The security context- Returns:
- A
AuthenticationMechanism.ChallengeResult
indicating if a challenge was sent and the desired response code.
-
sendAuthenticationInfoHeader
public void sendAuthenticationInfoHeader(HttpServerExchange exchange)
-
-