java.lang.Object
- org.eclipse.jetty.security.authentication.LoginAuthenticator
- - org.eclipse.jetty.security.authentication.DigestAuthenticator

All Implemented Interfaces:

Authenticator
```
public class DigestAuthenticator
extends LoginAuthenticator
```
The nonce max age in ms can be set with the SecurityHandler.setInitParameter(String, String) using the name "maxNonceAge". The nonce max count can be set with SecurityHandler.setInitParameter(String, String) using the name "maxNonceCount". When the age or count is exceeded, the nonce is considered stale.

Nested Class Summary
- Nested classes/interfaces inherited from interface org.eclipse.jetty.security.Authenticator
  Authenticator.AuthConfiguration, Authenticator.Factory

Field Summary
- Fields inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator
  _identityService, _loginService

Constructor Summary

Constructors
Constructor Description

DigestAuthenticator()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`java.lang.String`	`getAuthMethod()`
`long`	`getMaxNonceAge()`
`int`	`getMaxNonceCount()`
`org.eclipse.jetty.server.UserIdentity`	`login(java.lang.String username, java.lang.Object credentials, javax.servlet.ServletRequest request)`
`java.lang.String`	`newNonce(org.eclipse.jetty.server.Request request)`
`boolean`	`secureResponse(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, boolean mandatory, org.eclipse.jetty.server.Authentication.User validatedUser)`	is response secure
`void`	`setConfiguration(Authenticator.AuthConfiguration configuration)`	Configure the Authenticator
`void`	`setMaxNonceAge(long maxNonceAgeInMillis)`
`void`	`setMaxNonceCount(int maxNC)`
`org.eclipse.jetty.server.Authentication`	`validateRequest(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, boolean mandatory)`	Validate a request

Methods inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator
getLoginService, logout, prepareRequest, renewSession

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- DigestAuthenticator
```
public DigestAuthenticator()
```

Method Detail

setConfiguration
```
public void setConfiguration(Authenticator.AuthConfiguration configuration)
```
Description copied from interface: Authenticator

Configure the Authenticator

Specified by:

setConfiguration in interface Authenticator

Overrides:

setConfiguration in class LoginAuthenticator

Parameters:

configuration - the configuration

getMaxNonceCount
```
public int getMaxNonceCount()
```

setMaxNonceCount

public void setMaxNonceCount(int maxNC)

getMaxNonceAge
```
public long getMaxNonceAge()
```

setMaxNonceAge

public void setMaxNonceAge(long maxNonceAgeInMillis)

getAuthMethod
```
public java.lang.String getAuthMethod()
```
Returns:

The name of the authentication method

secureResponse

public boolean secureResponse(javax.servlet.ServletRequest req,
                              javax.servlet.ServletResponse res,
                              boolean mandatory,
                              org.eclipse.jetty.server.Authentication.User validatedUser)
                       throws ServerAuthException

Description copied from interface: Authenticator

is response secure

Parameters:: req - the request; res - the response; mandatory - if security is mandator; validatedUser - the user that was validated
Returns:: true if response is secure
Throws:: ServerAuthException - if unable to test response

validateRequest
```
public org.eclipse.jetty.server.Authentication validateRequest(javax.servlet.ServletRequest req,
                                                               javax.servlet.ServletResponse res,
                                                               boolean mandatory)
                                                        throws ServerAuthException
```
Description copied from interface: Authenticator

Validate a request

Parameters:

req - The request

res - The response

mandatory - True if authentication is mandatory.

Returns:

An Authentication. If Authentication is successful, this will be a Authentication.User. If a response has been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will implement Authentication.ResponseSent. If Authentication is not mandatory, then a Authentication.Deferred may be returned.

Throws:

ServerAuthException - if unable to validate request

login

public org.eclipse.jetty.server.UserIdentity login(java.lang.String username,
                                                   java.lang.Object credentials,
                                                   javax.servlet.ServletRequest request)

Overrides:: login in class LoginAuthenticator

newNonce

public java.lang.String newNonce(org.eclipse.jetty.server.Request request)

Class DigestAuthenticator

Nested Class Summary

Nested classes/interfaces inherited from interface org.eclipse.jetty.security.Authenticator

Field Summary

Fields inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator

Constructor Summary

Method Summary

Methods inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator

Methods inherited from class java.lang.Object

Constructor Detail

DigestAuthenticator

Method Detail

setConfiguration

getMaxNonceCount

setMaxNonceCount

getMaxNonceAge

setMaxNonceAge

getAuthMethod

secureResponse

validateRequest

login

newNonce