org.apache.commons.httpclient
Class Authenticator

java.lang.Object
  |
  +--org.apache.commons.httpclient.Authenticator

public class Authenticator
extends java.lang.Object

Utility methods for HTTP authorization and authentication. This class provides utility methods for generating responses to HTTP www and proxy authentication challenges.

Preemptive authentication can be turned on by using the property value of #PREEMPTIVE_PROPERTY. If left unspecified, it has the default value of #PREEMPTIVE_DEFAULT. This configurable behaviour conforms to rcf2617:

A client SHOULD assume that all paths at or deeper than the depth of the last symbolic element in the path field of the Request-URI also are within the protection space specified by the Basic realm value of the current challenge. A client MAY preemptively send the corresponding Authorization header with requests for resources in that space without receipt of another challenge from the server. Similarly, when a client sends a request to a proxy, it may reuse a userid and password in the Proxy-Authorization header field without receiving another challenge from the proxy server.

Version:
$Revision: 1.37 $ $Date: 2003/01/23 22:47:43 $
Author:
Remy Maucherat, Rodney Waldhoff, Jeff Dever, Ortwin Glück, Sean C. Sullivan, Adrian Sutton

Field Summary
static java.lang.String PREEMPTIVE_DEFAULT
          The default property value for #PREEMPTIVE_PROPERTY.
static java.lang.String PREEMPTIVE_PROPERTY
          The boolean property name to turn on preemptive authentication.
static java.lang.String PROXY_AUTH
          The proxy authenticate challange header.
static java.lang.String PROXY_AUTH_RESP
          The proxy authenticate response header.
static java.lang.String WWW_AUTH
          The www authenticate challange header.
static java.lang.String WWW_AUTH_RESP
          The www authenticate response header.
 
Constructor Summary
Authenticator()
           
 
Method Summary
static boolean authenticate(HttpMethod method, HttpState state)
          Add requisite authentication credentials to the given method in the given state if possible.
static boolean authenticateProxy(HttpMethod method, HttpState state)
          Add requisite proxy authentication credentials to the given method in the given state if possible.
static java.lang.String createDigest(java.lang.String uname, java.lang.String pwd, java.util.Map mapCredentials)
          Creates an MD5 response digest.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

PREEMPTIVE_PROPERTY

public static final java.lang.String PREEMPTIVE_PROPERTY
The boolean property name to turn on preemptive authentication.

See Also:
Constant Field Values

PREEMPTIVE_DEFAULT

public static final java.lang.String PREEMPTIVE_DEFAULT
The default property value for #PREEMPTIVE_PROPERTY.

See Also:
Constant Field Values

WWW_AUTH

public static final java.lang.String WWW_AUTH
The www authenticate challange header.

See Also:
Constant Field Values

WWW_AUTH_RESP

public static final java.lang.String WWW_AUTH_RESP
The www authenticate response header.

See Also:
Constant Field Values

PROXY_AUTH

public static final java.lang.String PROXY_AUTH
The proxy authenticate challange header.

See Also:
Constant Field Values

PROXY_AUTH_RESP

public static final java.lang.String PROXY_AUTH_RESP
The proxy authenticate response header.

See Also:
Constant Field Values
Constructor Detail

Authenticator

public Authenticator()
Method Detail

createDigest

public static java.lang.String createDigest(java.lang.String uname,
                                            java.lang.String pwd,
                                            java.util.Map mapCredentials)
                                     throws HttpException
Creates an MD5 response digest.

Parameters:
uname - Username
pwd - Password
mapCredentials - map containing necessary header parameters to construct the digest. It must/can contain: uri, realm, nonce, cnonce, qop, nc.
Returns:
The created digest as string. This will be the response tag's value in the Authentication HTTP header.
Throws:
HttpException - when MD5 is an unsupported algorithm TODO: + Add createDigest() method

authenticate

public static boolean authenticate(HttpMethod method,
                                   HttpState state)
                            throws HttpException,
                                   java.lang.UnsupportedOperationException
Add requisite authentication credentials to the given method in the given state if possible.

Parameters:
method - the HttpMethod which requires authentication
state - the HttpState object providing Credentials
Returns:
true if the Authenticate response header was added
Throws:
HttpException - when a parsing or other error occurs
java.lang.UnsupportedOperationException - when the challenge type is not supported
See Also:
HttpState.setCredentials(String,Credentials)

authenticateProxy

public static boolean authenticateProxy(HttpMethod method,
                                        HttpState state)
                                 throws HttpException,
                                        java.lang.UnsupportedOperationException
Add requisite proxy authentication credentials to the given method in the given state if possible.

Parameters:
method - the HttpMethod which requires authentication
state - the HttpState object providing Credentials
Returns:
true if the Authenticate response header was added
Throws:
HttpException - when a parsing or other error occurs
java.lang.UnsupportedOperationException - when the given challenge type is not supported
See Also:
HttpState.setProxyCredentials(String,Credentials)


Copyright © 2001-2003 Apache Software Foundation. All Rights Reserved.