org.apache.http.impl.auth

Class DigestScheme

java.lang.Object

org.apache.http.impl.auth.AuthSchemeBase

org.apache.http.impl.auth.RFC2617Scheme

org.apache.http.impl.auth.DigestScheme

All Implemented Interfaces:

java.io.Serializable, AuthScheme, ContextAwareAuthScheme

@NotThreadSafe
public class DigestScheme
extends RFC2617Scheme

Digest authentication scheme as defined in RFC 2617. Both MD5 (default) and MD5-sess are supported. Currently only qop=auth or no qop is supported. qop=auth-int is unsupported. If auth and auth-int are provided, auth is used.

Since the digest username is included as clear text in the generated Authentication header, the charset of the username must be compatible with the HTTP element charset used by the connection.

Since:

4.0

See Also:

Serialized Form

Field Summary

Fields inherited from class org.apache.http.impl.auth.AuthSchemeBase

challengeState

Constructor Summary

Constructors

Constructor and Description
DigestScheme()
DigestScheme(ChallengeState challengeState) Deprecated. (4.3) do not use.
DigestScheme(java.nio.charset.Charset credentialsCharset)

Method Summary

Methods

Modifier and Type	Method and Description
Header	authenticate(Credentials credentials, HttpRequest request) Deprecated. (4.2) Use ContextAwareAuthScheme.authenticate( Credentials, HttpRequest, org.apache.http.protocol.HttpContext)
Header	authenticate(Credentials credentials, HttpRequest request, HttpContext context) Produces a digest authorization string for the given set of Credentials, method name and URI.
static java.lang.String	createCnonce() Creates a random cnonce value based on the current time.
(package private) static java.lang.String	encode(byte[] binaryData) Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters long String according to RFC 2617.
(package private) java.lang.String	getA1()
(package private) java.lang.String	getA2()
(package private) java.lang.String	getCnonce()
java.lang.String	getSchemeName() Returns textual designation of the digest authentication scheme.
boolean	isComplete() Tests if the Digest authentication process has been completed.
boolean	isConnectionBased() Returns false.
void	overrideParamter(java.lang.String name, java.lang.String value)
void	processChallenge(Header header) Processes the Digest challenge.
java.lang.String	toString()

Methods inherited from class org.apache.http.impl.auth.RFC2617Scheme

getCredentialsCharset, getCredentialsCharset, getParameter, getParameters, getRealm, parseChallenge

Methods inherited from class org.apache.http.impl.auth.AuthSchemeBase

getChallengeState, isProxy

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

DigestScheme

public DigestScheme(java.nio.charset.Charset credentialsCharset)

Since:

4.3

DigestScheme

@Deprecated
public DigestScheme(ChallengeState challengeState)

Deprecated. (4.3) do not use.

Creates an instance of DigestScheme with the given challenge state.

Since:

4.2

DigestScheme

public DigestScheme()

Method Detail

processChallenge

public void processChallenge(Header header)
                      throws MalformedChallengeException

Processes the Digest challenge.

Specified by:

processChallenge in interface AuthScheme

Overrides:

processChallenge in class AuthSchemeBase

Parameters:

header - the challenge header

Throws:

MalformedChallengeException - is thrown if the authentication challenge is malformed

isComplete

public boolean isComplete()

Tests if the Digest authentication process has been completed.

Returns:

true if Digest authorization has been processed, false otherwise.

getSchemeName

public java.lang.String getSchemeName()

Returns textual designation of the digest authentication scheme.

Returns:

digest

isConnectionBased

public boolean isConnectionBased()

Returns false. Digest authentication scheme is request based.

Returns:

false.

overrideParamter

public void overrideParamter(java.lang.String name,
                    java.lang.String value)

authenticate

@Deprecated
public Header authenticate(Credentials credentials,
                             HttpRequest request)
                    throws AuthenticationException

Deprecated. (4.2) Use ContextAwareAuthScheme.authenticate( Credentials, HttpRequest, org.apache.http.protocol.HttpContext)

Description copied from interface: AuthScheme

Produces an authorization string for the given set of Credentials.

Parameters:

credentials - The set of credentials to be used for athentication

request - The request being authenticated

Returns:

the authorization string

Throws:

AuthenticationException - if authorization string cannot be generated due to an authentication failure

authenticate

public Header authenticate(Credentials credentials,
                  HttpRequest request,
                  HttpContext context)
                    throws AuthenticationException

Produces a digest authorization string for the given set of Credentials, method name and URI.

Specified by:

authenticate in interface ContextAwareAuthScheme

Overrides:

authenticate in class AuthSchemeBase

Parameters:

credentials - A set of credentials to be used for athentication

request - The request being authenticated

context - HTTP context

Returns:

a digest authorization string

Throws:

InvalidCredentialsException - if authentication credentials are not valid or not applicable for this authentication scheme

AuthenticationException - if authorization string cannot be generated due to an authentication failure

getCnonce

java.lang.String getCnonce()

getA1

java.lang.String getA1()

getA2

java.lang.String getA2()

encode

static java.lang.String encode(byte[] binaryData)

Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters long String according to RFC 2617.

Parameters:

binaryData - array containing the digest

Returns:

encoded MD5, or null if encoding failed

createCnonce

public static java.lang.String createCnonce()

Creates a random cnonce value based on the current time.

Returns:

The cnonce value as String.

toString

public java.lang.String toString()

Overrides:

toString in class AuthSchemeBase