Package org.eclipse.jetty.client.util

Class SPNEGOAuthentication

java.lang.Object

org.eclipse.jetty.client.util.AbstractAuthentication

org.eclipse.jetty.client.util.SPNEGOAuthentication

All Implemented Interfaces:

Authentication

public class SPNEGOAuthentication
extends AbstractAuthentication

Implementation of the SPNEGO (or "Negotiate") authentication defined in RFC 4559.

A user is logged in via JAAS (either via userName/password or via userName/keyTab) once only.

For every request that needs authentication, a GSSContext is initiated and later established after reading the response from the server.

Applications should create objects of this class and add them to the AuthenticationStore retrieved from the HttpClient via HttpClient.getAuthenticationStore().

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SPNEGOAuthentication.SPNEGOResult

Nested classes/interfaces inherited from interface org.eclipse.jetty.client.api.Authentication

Authentication.HeaderInfo, Authentication.Result

Field Summary

Fields inherited from interface org.eclipse.jetty.client.api.Authentication

ANY_REALM

Constructor Summary

Constructors

Constructor	Description
SPNEGOAuthentication(URI uri)

Method Summary

Modifier and Type	Method	Description
Authentication.Result	authenticate(Request request, ContentResponse response, Authentication.HeaderInfo headerInfo, Attributes context)	Executes the authentication mechanism for the given request, returning a Authentication.Result that can be used to actually authenticate the request via Authentication.Result.apply(Request).
String	getServiceName()
Path	getTicketCachePath()
String	getType()
Path	getUserKeyTabPath()
String	getUserName()
String	getUserPassword()
boolean	isRenewTGT()
boolean	isUseTicketCache()
void	setRenewTGT(boolean renewTGT)
void	setServiceName(String serviceName)
void	setTicketCachePath(Path ticketCachePath)
void	setUserKeyTabPath(Path userKeyTabPath)
void	setUserName(String userName)
void	setUserPassword(String userPassword)
void	setUseTicketCache(boolean useTicketCache)

Methods inherited from class org.eclipse.jetty.client.util.AbstractAuthentication

getRealm, getURI, matches, matchesURI

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SPNEGOAuthentication

public SPNEGOAuthentication(URI uri)

Method Details

getType

public String getType()

Specified by:

getType in class AbstractAuthentication

getUserName

public String getUserName()

Returns:

the user name of the user to login

setUserName

public void setUserName(String userName)

Parameters:

userName - user name of the user to login

getUserPassword

public String getUserPassword()

Returns:

the password of the user to login

setUserPassword

public void setUserPassword(String userPassword)

Parameters:

userPassword - the password of the user to login

See Also:

• setUserKeyTabPath(Path)

getUserKeyTabPath

public Path getUserKeyTabPath()

Returns:

the path of the keyTab file with the user credentials

setUserKeyTabPath

public void setUserKeyTabPath(Path userKeyTabPath)

Parameters:

userKeyTabPath - the path of the keyTab file with the user credentials

See Also:

• setUserPassword(String)

getServiceName

public String getServiceName()

Returns:

the name of the service to use

setServiceName

public void setServiceName(String serviceName)

Parameters:

serviceName - the name of the service to use

isUseTicketCache

public boolean isUseTicketCache()

Returns:

whether to use the ticket cache during login

setUseTicketCache

public void setUseTicketCache(boolean useTicketCache)

Parameters:

useTicketCache - whether to use the ticket cache during login

See Also:

• setTicketCachePath(Path)

getTicketCachePath

public Path getTicketCachePath()

Returns:

the path of the ticket cache file

setTicketCachePath

public void setTicketCachePath(Path ticketCachePath)

Parameters:

ticketCachePath - the path of the ticket cache file

See Also:

• setUseTicketCache(boolean)

isRenewTGT

public boolean isRenewTGT()

Returns:

whether to renew the ticket granting ticket

setRenewTGT

public void setRenewTGT(boolean renewTGT)

Parameters:

renewTGT - whether to renew the ticket granting ticket

authenticate

public Authentication.Result authenticate(Request request,
 ContentResponse response,
 Authentication.HeaderInfo headerInfo,
 Attributes context)

Description copied from interface: Authentication

Executes the authentication mechanism for the given request, returning a Authentication.Result that can be used to actually authenticate the request via Authentication.Result.apply(Request).

If a request for "/secure" returns a Authentication.Result, then the result may be used for other requests such as "/secure/foo" or "/secure/bar", unless those resources are protected by other realms.

Parameters:

request - the request to execute the authentication mechanism for

response - the 401 response obtained in the previous attempt to request the protected resource

headerInfo - the WWW-Authenticate (or Proxy-Authenticate) header chosen for this authentication (among the many that the response may contain)

context - the conversation context in case the authentication needs multiple exchanges to be completed and information needs to be stored across exchanges

Returns:

the authentication result, or null if the authentication could not be performed