Package org.wildfly.security.http
Class HttpConstants
java.lang.Object
org.wildfly.security.http.HttpConstants
Constants used within HTTP based authentication.
- Author:
- Darran Lofthouse
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final intstatic final Stringstatic final Stringstatic final PatternBearer token pattern.static final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringThis enables workaround for native GSS, where createName() needs to be called for correct GSSContext initialization.static final StringIn clustered environment Security Identity is restored during failover, load balancer change node (not sticky behavior) and session passivation/activation.static final StringThe context relative path of the error page.static final StringThis allows aGSSManagerinstance to be passed into the authentication mechanisms.static final StringThe context relative path of the login page.static final StringThis defines the location used by mechanisms dependent on the response to the challenge being sent in using 'POST'.static final Stringstatic final Stringstatic final StringA comma separated list of scopes in preferred order the mechanism should attempt to use to persist state including the caching of any previously authenticated identity.static final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringIf set totruethe SPNEGO and FORM authentication mechanisms will not change the session ID after a successful authentication.static final Stringstatic final StringErrorsstatic final Stringstatic final Stringstatic final Stringstatic final intstatic final Stringstatic final intstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final intstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringThe property which holds the negotiated security identity after a successful HTTP server-side authentication.static final intstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final intstatic final intstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final String -
Method Summary
-
Field Details
-
SECURITY_IDENTITY
The property which holds the negotiated security identity after a successful HTTP server-side authentication.- See Also:
-
CONFIG_CONTEXT_PATH
-
CONFIG_REALM
-
CONFIG_VALIDATE_DIGEST_URI
-
CONFIG_SKIP_CERTIFICATE_VERIFICATION
-
CONFIG_LOGIN_PAGE
The context relative path of the login page. -
CONFIG_ERROR_PAGE
The context relative path of the error page. -
CONFIG_POST_LOCATION
This defines the location used by mechanisms dependent on the response to the challenge being sent in using 'POST'. -
CONFIG_GSS_MANAGER
This allows aGSSManagerinstance to be passed into the authentication mechanisms. -
CONFIG_CREATE_NAME_GSS_INIT
This enables workaround for native GSS, where createName() needs to be called for correct GSSContext initialization. Set to "true" to call createName() as part of GSSContext initialization. This is workaround of JDK-8194073. -
CONFIG_DISABLE_RESTORE_SECURITY_IDENTITY
In clustered environment Security Identity is restored during failover, load balancer change node (not sticky behavior) and session passivation/activation. Set to "true" to disable this behavior. -
CONFIG_STATE_SCOPES
A comma separated list of scopes in preferred order the mechanism should attempt to use to persist state including the caching of any previously authenticated identity. Accepted values are: -- CONNECTION
- SESSION
- SSL_SESSION
- NONE
-
DISABLE_SESSION_ID_CHANGE
If set totruethe SPNEGO and FORM authentication mechanisms will not change the session ID after a successful authentication. Where set the web application should be configured to use cookies exclusively for session management. -
ALGORITHM
- See Also:
-
AUTH
- See Also:
-
AUTH_PARAM
- See Also:
-
CHARSET
- See Also:
-
CNONCE
- See Also:
-
DOMAIN
- See Also:
-
NC
- See Also:
-
NEGOTIATE
- See Also:
-
NEXT_NONCE
- See Also:
-
NONCE
- See Also:
-
PARTIAL
- See Also:
-
OPAQUE
- See Also:
-
QOP
- See Also:
-
REALM
- See Also:
-
RSPAUTH
- See Also:
-
RESPONSE
- See Also:
-
STALE
- See Also:
-
URI
- See Also:
-
USERNAME
- See Also:
-
USERNAME_STAR
- See Also:
-
XML_HTTP_REQUEST
- See Also:
-
ACCEPT
- See Also:
-
AUTHENTICATION_INFO
- See Also:
-
AUTHORIZATION
- See Also:
-
FACES_REQUEST
- See Also:
-
HOST
- See Also:
-
LOCATION
- See Also:
-
SOAP_ACTION
- See Also:
-
WWW_AUTHENTICATE
- See Also:
-
X_REQUESTED_WITH
- See Also:
-
ERROR
Errors- See Also:
-
ERROR_DESCRIPTION
- See Also:
-
INVALID_TOKEN
- See Also:
-
STALE_TOKEN
- See Also:
-
NO_TOKEN
- See Also:
-
BASIC_NAME
- See Also:
-
CLIENT_CERT_NAME
- See Also:
-
DIGEST_NAME
- See Also:
-
DIGEST_SHA256_NAME
- See Also:
-
DIGEST_SHA512_256_NAME
- See Also:
-
EXTERNAL_NAME
- See Also:
-
FORM_NAME
- See Also:
-
SPNEGO_NAME
- See Also:
-
BEARER_TOKEN
- See Also:
-
OK
public static final int OK- See Also:
-
FOUND
public static final int FOUND- See Also:
-
SEE_OTHER
public static final int SEE_OTHER- See Also:
-
TEMPORARY_REDIRECT
public static final int TEMPORARY_REDIRECT- See Also:
-
BAD_REQUEST
public static final int BAD_REQUEST- See Also:
-
UNAUTHORIZED
public static final int UNAUTHORIZED- See Also:
-
FORBIDDEN
public static final int FORBIDDEN- See Also:
-
POST
- See Also:
-
OPTIONS
- See Also:
-
MD5
- See Also:
-
SHA256
- See Also:
-
SHA512_256
- See Also:
-
HTTP
- See Also:
-
HTTPS
- See Also:
-
BEARER_TOKEN_PATTERN
Bearer token pattern. The Bearer token authorization header is of the form "Bearer", followed by optional whitespace, followed by the token itself, followed by optional whitespace. The token itself must be one or more characters and must not contain any whitespace.
-