HttpClient 2.0 API: Class HttpAuthenticator

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.commons.httpclient.auth
Class HttpAuthenticator

java.lang.Object
  |
  +--org.apache.commons.httpclient.auth.HttpAuthenticator

public final class HttpAuthenticator
extends java.lang.Object

Utility methods for HTTP authorization and authentication. This class provides utility methods for generating responses to HTTP www and proxy authentication challenges.

A client SHOULD assume that all paths at or deeper than the depth of the last symbolic element in the path field of the Request-URI also are within the protection space specified by the basic realm value of the current challenge. A client MAY preemptively send the corresponding Authorization header with requests for resources in that space without receipt of another challenge from the server. Similarly, when a client sends a request to a proxy, it may reuse a userid and password in the Proxy-Authorization header field without receiving another challenge from the proxy server.

Author:: Remy Maucherat, Rodney Waldhoff, Jeff Dever, Ortwin Gl?ck, Sean C. Sullivan, Adrian Sutton, Mike Bowler, Oleg Kalnichevski

Field Summary

static java.lang.String PROXY_AUTH
          The proxy authenticate challange header.

static java.lang.String PROXY_AUTH_RESP
          The proxy authenticate response header.

static java.lang.String WWW_AUTH
          The www authenticate challange header.

static java.lang.String WWW_AUTH_RESP
          The www authenticate response header.

Constructor Summary

HttpAuthenticator()


Method Summary

static boolean authenticate(AuthScheme authscheme, HttpMethod method, HttpConnection conn, HttpState state)
          Attempt to provide requisite authentication credentials to the given method in the given context using the given authentication scheme.

static boolean authenticateDefault(HttpMethod method, HttpConnection conn, HttpState state)
          Attempt to provide default authentication credentials to the given method in the given context using basic authentication scheme.

static boolean authenticateProxy(AuthScheme authscheme, HttpMethod method, HttpConnection conn, HttpState state)
          Attempt to provide requisite proxy authentication credentials to the given method in the given context using the given authentication scheme.

static boolean authenticateProxyDefault(HttpMethod method, HttpConnection conn, HttpState state)
          Attempt to provide default proxy authentication credentials to the given method in the given context using basic authentication scheme.

static AuthScheme selectAuthScheme(Header[] challenges)
          Chooses the strongest authentication scheme supported from the array of authentication challenges.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

WWW_AUTH

public static final java.lang.String WWW_AUTH

The www authenticate challange header.

WWW_AUTH_RESP

public static final java.lang.String WWW_AUTH_RESP

The www authenticate response header.

PROXY_AUTH

public static final java.lang.String PROXY_AUTH

The proxy authenticate challange header.

PROXY_AUTH_RESP

public static final java.lang.String PROXY_AUTH_RESP

The proxy authenticate response header.

Constructor Detail

HttpAuthenticator

public HttpAuthenticator()

Method Detail

selectAuthScheme

public static AuthScheme selectAuthScheme(Header[] challenges)
                                   throws MalformedChallengeException

Chooses the strongest authentication scheme supported from the array of authentication challenges. Currently only NTLM, Digest, Basic schemes are recognized. The NTLM scheme is considered the strongest and is preferred to all others. The Digest scheme is preferred to the Basic one which provides no encryption for credentials. The Basic scheme is used only if it is the only one supported.

Parameters:: challenges - The array of authentication challenges
Returns:: The strongest authentication scheme supported
Throws:: MalformedChallengeException - is thrown if an authentication challenge is malformed; java.lang.UnsupportedOperationException - when none of challenge types available is supported.

authenticateDefault

public static boolean authenticateDefault(HttpMethod method,
                                          HttpConnection conn,
                                          HttpState state)
                                   throws AuthenticationException

Attempt to provide default authentication credentials to the given method in the given context using basic authentication scheme.

Parameters:: method - the HttpMethod which requires authentication; conn - the connection to a specific host. This parameter may be null if default credentials (not specific to any particular host) are to be used; state - the HttpState object providing Credentials
Returns:: true if the Authenticate response header was added
Throws:: AuthenticationException - when a parsing or other error occurs
See Also:: HttpState.setCredentials(String,String,Credentials)

authenticateProxyDefault

public static boolean authenticateProxyDefault(HttpMethod method,
                                               HttpConnection conn,
                                               HttpState state)
                                        throws AuthenticationException

Attempt to provide default proxy authentication credentials to the given method in the given context using basic authentication scheme.

Parameters:: method - the HttpMethod which requires authentication; conn - the connection to a specific host. This parameter may be null if default credentials (not specific to any particular host) are to be used; state - the HttpState object providing Credentials
Returns:: true if the Proxy-Authenticate response header was added
Throws:: AuthenticationException - when a parsing or other error occurs
See Also:: HttpState.setCredentials(String,Credentials)

authenticate

public static boolean authenticate(AuthScheme authscheme,
                                   HttpMethod method,
                                   HttpConnection conn,
                                   HttpState state)
                            throws AuthenticationException

Attempt to provide requisite authentication credentials to the given method in the given context using the given authentication scheme.

Parameters:: authscheme - The authentication scheme to be used; method - The HttpMethod which requires authentication; conn - the connection to a specific host. This parameter may be null if default credentials (not specific to any particular host) are to be used; state - The HttpState object providing Credentials
Returns:: true if the Authenticate response header was added
Throws:: AuthenticationException - when a parsing or other error occurs
See Also:: HttpState.setCredentials(String,Credentials)

authenticateProxy

public static boolean authenticateProxy(AuthScheme authscheme,
                                        HttpMethod method,
                                        HttpConnection conn,
                                        HttpState state)
                                 throws AuthenticationException

Attempt to provide requisite proxy authentication credentials to the given method in the given context using the given authentication scheme.

Parameters:: authscheme - The authentication scheme to be used; method - the HttpMethod which requires authentication; conn - the connection to a specific host. This parameter may be null if default credentials (not specific to any particular host) are to be used; state - the HttpState object providing Credentials
Returns:: true if the Proxy-Authenticate response header was added
Throws:: AuthenticationException - when a parsing or other error occurs
See Also:: HttpState.setCredentials(String,Credentials)