Package org.eclipse.jetty.client

Interface Authentication

All Known Implementing Classes:

AbstractAuthentication, BasicAuthentication, DigestAuthentication, SPNEGOAuthentication

public interface Authentication

Authentication represents a mechanism to authenticate requests for protected resources.

Authentications are added to an AuthenticationStore, which is then queried to find the right Authentication mechanism to use based on its type, URI and realm, as returned by WWW-Authenticate response headers.

If an Authentication mechanism is found, it is then executed for the given request, returning an Authentication.Result, which is then stored in the AuthenticationStore so that subsequent requests can be preemptively authenticated.

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static class	Authentication.HeaderInfo	Structure holding information about the WWW-Authenticate (or Proxy-Authenticate) header.
static interface	Authentication.Result	Authentication.Result holds the information needed to authenticate a Request via Authentication.Result.apply(Request).

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ANY_REALM	Constant used to indicate that any realm will match.

Method Summary

Modifier and Type	Method	Description
Authentication.Result	authenticate(Request request, ContentResponse response, Authentication.HeaderInfo headerInfo, Attributes context)	Executes the authentication mechanism for the given request, returning a Authentication.Result that can be used to actually authenticate the request via Authentication.Result.apply(Request).
boolean	matches(String type, URI uri, String realm)	Matches Authentications based on the given parameters

Field Details

ANY_REALM

static final String ANY_REALM

Constant used to indicate that any realm will match.

See Also:

• matches(String, URI, String)
• Constant Field Values

Method Details

matches

boolean matches(String type,
 URI uri,
 String realm)

Matches Authentications based on the given parameters

Parameters:

type - the Authentication type such as "Basic" or "Digest"

uri - the request URI

realm - the authentication realm as provided in the WWW-Authenticate response header

Returns:

true if this authentication matches, false otherwise

authenticate

Authentication.Result authenticate(Request request,
 ContentResponse response,
 Authentication.HeaderInfo headerInfo,
 Attributes context)

Executes the authentication mechanism for the given request, returning a Authentication.Result that can be used to actually authenticate the request via Authentication.Result.apply(Request).

If a request for "/secure" returns a Authentication.Result, then the result may be used for other requests such as "/secure/foo" or "/secure/bar", unless those resources are protected by other realms.

Parameters:

request - the request to execute the authentication mechanism for

response - the 401 response obtained in the previous attempt to request the protected resource

headerInfo - the WWW-Authenticate (or Proxy-Authenticate) header chosen for this authentication (among the many that the response may contain)

context - the conversation context in case the authentication needs multiple exchanges to be completed and information needs to be stored across exchanges

Returns:

the authentication result, or null if the authentication could not be performed