Class DigestAuthentication

java.lang.Object
org.eclipse.jetty.client.AbstractAuthentication
org.eclipse.jetty.client.DigestAuthentication
All Implemented Interfaces:
Authentication
public class DigestAuthentication extends AbstractAuthentication
Implementation of the HTTP "Digest" authentication defined in RFC 2617.

Applications should create objects of this class and add them to the AuthenticationStore retrieved from the HttpClient via HttpClient.getAuthenticationStore().

  • Constructor Details

    • DigestAuthentication

      public DigestAuthentication(URI uri, String realm, String user, String password)
      Construct a DigestAuthentication with a SecureRandom nonce.
      Parameters:
      uri - the URI to match for the authentication
      realm - the realm to match for the authentication
      user - the user that wants to authenticate
      password - the password of the user

    • DigestAuthentication

      public DigestAuthentication(URI uri, String realm, String user, String password, Random random)
      Parameters:
      uri - the URI to match for the authentication
      realm - the realm to match for the authentication
      user - the user that wants to authenticate
      password - the password of the user
      random - the Random generator to use for nonces.

  • Method Details

    • getType

      public String getType()
      Specified by:
      getType in class AbstractAuthentication

    • matches

      public boolean matches(String type, URI uri, String realm)
      Description copied from interface: Authentication
      Matches Authentications based on the given parameters
      Specified by:
      matches in interface Authentication
      Overrides:
      matches in class AbstractAuthentication
      Parameters:
      type - the Authentication type such as "Basic" or "Digest"
      uri - the request URI
      realm - the authentication realm as provided in the WWW-Authenticate response header
      Returns:
      true if this authentication matches, false otherwise

    • authenticate

      public Authentication.Result authenticate(Request request, ContentResponse response, Authentication.HeaderInfo headerInfo, Attributes context)
      Description copied from interface: Authentication
      Executes the authentication mechanism for the given request, returning a Authentication.Result that can be used to actually authenticate the request via Authentication.Result.apply(Request).

      If a request for "/secure" returns a Authentication.Result, then the result may be used for other requests such as "/secure/foo" or "/secure/bar", unless those resources are protected by other realms.

      Parameters:
      request - the request to execute the authentication mechanism for
      response - the 401 response obtained in the previous attempt to request the protected resource
      headerInfo - the WWW-Authenticate (or Proxy-Authenticate) header chosen for this authentication (among the many that the response may contain)
      context - the conversation context in case the authentication needs multiple exchanges to be completed and information needs to be stored across exchanges
      Returns:
      the authentication result, or null if the authentication could not be performed