public class SPNEGOAuthentication extends AbstractAuthentication
Implementation of the SPNEGO (or "Negotiate") authentication defined in RFC 4559.
A user
is logged in via JAAS (either via userName/password or
via userName/keyTab) once only.
For every request that needs authentication, a GSSContext
is initiated and
later established after reading the response from the server.
Applications should create objects of this class and add them to the
AuthenticationStore
retrieved from the HttpClient
via HttpClient.getAuthenticationStore()
.
Modifier and Type | Class and Description |
---|---|
static class |
SPNEGOAuthentication.SPNEGOResult |
Authentication.HeaderInfo, Authentication.Result
ANY_REALM
Constructor and Description |
---|
SPNEGOAuthentication(URI uri) |
Modifier and Type | Method and Description |
---|---|
Authentication.Result |
authenticate(Request request,
ContentResponse response,
Authentication.HeaderInfo headerInfo,
Attributes context)
Executes the authentication mechanism for the given request, returning a
Result that can be
used to actually authenticate the request via Authentication.Result.apply(Request) . |
String |
getServiceName() |
Path |
getTicketCachePath() |
String |
getType() |
Path |
getUserKeyTabPath() |
String |
getUserName() |
String |
getUserPassword() |
boolean |
isRenewTGT() |
boolean |
isUseTicketCache() |
void |
setRenewTGT(boolean renewTGT) |
void |
setServiceName(String serviceName) |
void |
setTicketCachePath(Path ticketCachePath) |
void |
setUserKeyTabPath(Path userKeyTabPath) |
void |
setUserName(String userName) |
void |
setUserPassword(String userPassword) |
void |
setUseTicketCache(boolean useTicketCache) |
getRealm, getURI, matches, matchesURI
public SPNEGOAuthentication(URI uri)
public String getType()
getType
in class AbstractAuthentication
public String getUserName()
public void setUserName(String userName)
userName
- user name of the user to loginpublic String getUserPassword()
public void setUserPassword(String userPassword)
userPassword
- the password of the user to loginsetUserKeyTabPath(Path)
public Path getUserKeyTabPath()
public void setUserKeyTabPath(Path userKeyTabPath)
userKeyTabPath
- the path of the keyTab file with the user credentialssetUserPassword(String)
public String getServiceName()
public void setServiceName(String serviceName)
serviceName
- the name of the service to usepublic boolean isUseTicketCache()
public void setUseTicketCache(boolean useTicketCache)
useTicketCache
- whether to use the ticket cache during loginsetTicketCachePath(Path)
public Path getTicketCachePath()
public void setTicketCachePath(Path ticketCachePath)
ticketCachePath
- the path of the ticket cache filesetUseTicketCache(boolean)
public boolean isRenewTGT()
public void setRenewTGT(boolean renewTGT)
renewTGT
- whether to renew the ticket granting ticketpublic Authentication.Result authenticate(Request request, ContentResponse response, Authentication.HeaderInfo headerInfo, Attributes context)
Authentication
Result
that can be
used to actually authenticate the request via Authentication.Result.apply(Request)
.
If a request for "/secure"
returns a Result
, then the result may be used for other
requests such as "/secure/foo"
or "/secure/bar"
, unless those resources are protected
by other realms.
request
- the request to execute the authentication mechanism forresponse
- the 401 response obtained in the previous attempt to request the protected resourceheaderInfo
- the WWW-Authenticate
(or Proxy-Authenticate
) header chosen for this
authentication (among the many that the response may contain)context
- the conversation context in case the authentication needs multiple exchanges
to be completed and information needs to be stored across exchangesCopyright © 2010 - 2020 Adobe. All Rights Reserved