public class DigestAuthModule extends TomcatAuthModule
Modifier and Type | Field and Description |
---|---|
protected String |
key
Private key.
|
protected long |
lastTimestamp
The last timestamp used to generate a nonce.
|
protected Object |
lastTimestampLock |
protected int |
nonceCacheSize
Maximum number of server nonces to keep in the cache.
|
protected int |
nonceCountWindowSize
The window size to use to track seen nonce count values for a given
nonce.
|
protected Map<String,DigestAuthenticator.NonceInfo> |
nonces
List of server nonce values currently being tracked
|
protected long |
nonceValidity
How long server nonces are valid for in milliseconds.
|
protected String |
opaque
Opaque string.
|
protected static String |
QOP
Tomcat's DIGEST implementation only supports auth quality of protection.
|
protected boolean |
validateUri
Should the URI be validated as required by RFC2617?
|
AUTH_HEADER_NAME, AUTHORIZATION_HEADER, cache, changeSessionIdOnAuthentication, context, DEFAULT_REALM_NAME, REALM_NAME, realmName, sm
Constructor and Description |
---|
DigestAuthModule(Context context) |
Modifier and Type | Method and Description |
---|---|
protected String |
generateNonce(HttpServletRequest request)
Generate a unique token.
|
protected String |
getAuthenticateHeader(String nonce,
boolean isNonceStale)
Generates the WWW-Authenticate header.
|
String |
getKey() |
int |
getNonceCacheSize() |
int |
getNonceCountWindowSize() |
long |
getNonceValidity() |
String |
getOpaque() |
void |
initializeModule(MessagePolicy requestPolicy,
MessagePolicy responsePolicy,
CallbackHandler handler,
Map<String,String> options)
Every subclass must extend this method in order to be initialized.
|
boolean |
isValidateUri() |
protected static String |
removeQuotes(String quotedString)
Removes the quotes on a string.
|
protected static String |
removeQuotes(String quotedString,
boolean quotesRequired)
Removes the quotes on a string.
|
void |
setKey(String key) |
void |
setNonceCacheSize(int nonceCacheSize) |
void |
setNonceCountWindowSize(int nonceCountWindowSize) |
void |
setNonceValidity(long nonceValidity) |
void |
setOpaque(String opaque) |
void |
setRealm(Realm realm) |
void |
setValidateUri(boolean validateUri) |
AuthStatus |
validateRequest(MessageInfo messageInfo,
Subject clientSubject,
Subject serviceSubject) |
cleanSubject, getPrincipal, getRealmName, getSupportedMessageTypes, handlePrincipalCallbacks, initialize, isMandatory, secureResponse
protected static final String QOP
protected Map<String,DigestAuthenticator.NonceInfo> nonces
protected long lastTimestamp
protected final Object lastTimestampLock
protected int nonceCacheSize
protected int nonceCountWindowSize
protected String key
protected long nonceValidity
protected String opaque
protected boolean validateUri
public DigestAuthModule(Context context)
public int getNonceCountWindowSize()
public void setNonceCountWindowSize(int nonceCountWindowSize)
public int getNonceCacheSize()
public void setNonceCacheSize(int nonceCacheSize)
public String getKey()
public void setKey(String key)
public long getNonceValidity()
public void setNonceValidity(long nonceValidity)
public String getOpaque()
public void setOpaque(String opaque)
public boolean isValidateUri()
public void setValidateUri(boolean validateUri)
public void setRealm(Realm realm)
public void initializeModule(MessagePolicy requestPolicy, MessagePolicy responsePolicy, CallbackHandler handler, Map<String,String> options) throws AuthException
TomcatAuthModule
initializeModule
in class TomcatAuthModule
AuthException
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException
AuthException
protected static String removeQuotes(String quotedString, boolean quotesRequired)
protected static String removeQuotes(String quotedString)
protected String generateNonce(HttpServletRequest request)
request
- HTTP Servlet requestprotected String getAuthenticateHeader(String nonce, boolean isNonceStale)
The header MUST follow this template :
WWW-Authenticate = "WWW-Authenticate" ":" "Digest" digest-challenge digest-challenge = 1#( realm | [ domain ] | nonce | [ digest-opaque ] |[ stale ] | [ algorithm ] ) realm = "realm" "=" realm-value realm-value = quoted-string domain = "domain" "=" <"> 1#URI <"> nonce = "nonce" "=" nonce-value nonce-value = quoted-string opaque = "opaque" "=" quoted-string stale = "stale" "=" ( "true" | "false" ) algorithm = "algorithm" "=" ( "MD5" | token )
nonce
- nonce tokenCopyright © 2000-2015 Apache Software Foundation. All Rights Reserved.