Class DigestAuthenticator
- java.lang.Object
-
- org.eclipse.jetty.security.authentication.LoginAuthenticator
-
- org.eclipse.jetty.security.authentication.DigestAuthenticator
-
- All Implemented Interfaces:
Authenticator
public class DigestAuthenticator extends LoginAuthenticator
The nonce max age in ms can be set with theSecurityHandler.setInitParameter(String, String)using the name "maxNonceAge". The nonce max count can be set withSecurityHandler.setInitParameter(String, String)using the name "maxNonceCount". When the age or count is exceeded, the nonce is considered stale.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.security.Authenticator
Authenticator.AuthConfiguration, Authenticator.Factory
-
-
Field Summary
-
Fields inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator
_identityService, _loginService
-
-
Constructor Summary
Constructors Constructor Description DigestAuthenticator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetAuthMethod()longgetMaxNonceAge()intgetMaxNonceCount()org.eclipse.jetty.server.UserIdentitylogin(String username, Object credentials, ServletRequest request)StringnewNonce(org.eclipse.jetty.server.Request request)booleansecureResponse(ServletRequest req, ServletResponse res, boolean mandatory, org.eclipse.jetty.server.Authentication.User validatedUser)is response securevoidsetConfiguration(Authenticator.AuthConfiguration configuration)Configure the AuthenticatorvoidsetMaxNonceAge(long maxNonceAgeInMillis)voidsetMaxNonceCount(int maxNC)org.eclipse.jetty.server.AuthenticationvalidateRequest(ServletRequest req, ServletResponse res, boolean mandatory)Validate a request-
Methods inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator
getLoginService, prepareRequest, renewSession
-
-
-
-
Method Detail
-
setConfiguration
public void setConfiguration(Authenticator.AuthConfiguration configuration)
Description copied from interface:AuthenticatorConfigure the Authenticator- Specified by:
setConfigurationin interfaceAuthenticator- Overrides:
setConfigurationin classLoginAuthenticator- Parameters:
configuration- the configuration
-
getMaxNonceCount
public int getMaxNonceCount()
-
setMaxNonceCount
public void setMaxNonceCount(int maxNC)
-
getMaxNonceAge
public long getMaxNonceAge()
-
setMaxNonceAge
public void setMaxNonceAge(long maxNonceAgeInMillis)
-
getAuthMethod
public String getAuthMethod()
- Returns:
- The name of the authentication method
-
secureResponse
public boolean secureResponse(ServletRequest req, ServletResponse res, boolean mandatory, org.eclipse.jetty.server.Authentication.User validatedUser) throws ServerAuthException
Description copied from interface:Authenticatoris response secure- Parameters:
req- the requestres- the responsemandatory- if security is mandatorvalidatedUser- the user that was validated- Returns:
- true if response is secure
- Throws:
ServerAuthException- if unable to test response
-
validateRequest
public org.eclipse.jetty.server.Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
Description copied from interface:AuthenticatorValidate a request- Parameters:
req- The requestres- The responsemandatory- True if authentication is mandatory.- Returns:
- An Authentication. If Authentication is successful, this will be a
Authentication.User. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implementAuthentication.ResponseSent. If Authentication is not manditory, then aAuthentication.Deferredmay be returned. - Throws:
ServerAuthException- if unable to validate request
-
login
public org.eclipse.jetty.server.UserIdentity login(String username, Object credentials, ServletRequest request)
- Overrides:
loginin classLoginAuthenticator
-
newNonce
public String newNonce(org.eclipse.jetty.server.Request request)
-
-