Package io.undertow.security.impl

Class BasicAuthenticationMechanism

java.lang.Object

io.undertow.security.impl.BasicAuthenticationMechanism

All Implemented Interfaces:

AuthenticationMechanism

public class BasicAuthenticationMechanism
extends java.lang.Object
implements AuthenticationMechanism

The authentication handler responsible for BASIC authentication as described by RFC2617

Author:

Darran Lofthouse

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	BasicAuthenticationMechanism.Factory

Nested classes/interfaces inherited from interface io.undertow.security.api.AuthenticationMechanism

AuthenticationMechanism.AuthenticationMechanismOutcome, AuthenticationMechanism.ChallengeResult

Field Summary

Fields

Modifier and Type	Field	Description
static java.lang.String	CHARSET
static AuthenticationMechanismFactory	FACTORY
static java.lang.String	SILENT
static java.lang.String	USER_AGENT_CHARSETS	A comma separated list of patterns and charsets.

Constructor Summary

Constructors

Constructor	Description
BasicAuthenticationMechanism(java.lang.String realmName)
BasicAuthenticationMechanism(java.lang.String realmName, java.lang.String mechanismName)
BasicAuthenticationMechanism(java.lang.String realmName, java.lang.String mechanismName, boolean silent)
BasicAuthenticationMechanism(java.lang.String realmName, java.lang.String mechanismName, boolean silent, IdentityManager identityManager)
BasicAuthenticationMechanism(java.lang.String realmName, java.lang.String mechanismName, boolean silent, IdentityManager identityManager, java.nio.charset.Charset charset, java.util.Map<java.util.regex.Pattern,java.nio.charset.Charset> userAgentCharsets)

Method Summary

Modifier and Type	Method	Description
AuthenticationMechanism.AuthenticationMechanismOutcome	authenticate(HttpServerExchange exchange, SecurityContext securityContext)	Perform authentication of the request.
AuthenticationMechanism.ChallengeResult	sendChallenge(HttpServerExchange exchange, SecurityContext securityContext)	Send an authentication challenge to the remote client.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

FACTORY

public static final AuthenticationMechanismFactory FACTORY

SILENT

public static final java.lang.String SILENT

See Also:

Constant Field Values

CHARSET

public static final java.lang.String CHARSET

See Also:

Constant Field Values

USER_AGENT_CHARSETS

public static final java.lang.String USER_AGENT_CHARSETS

A comma separated list of patterns and charsets. The pattern is a regular expression. Because different browsers user different encodings this allows for the correct encoding to be selected based on the current browser. In general though it is recommended that BASIC auth not be used when passwords contain characters outside ASCII, as some browsers use the current locate to determine encoding. This list must have an even number of elements, as it is interpreted as pattern,charset,pattern,charset,...

See Also:

Constant Field Values

Constructor Detail

BasicAuthenticationMechanism

public BasicAuthenticationMechanism(java.lang.String realmName)

BasicAuthenticationMechanism

public BasicAuthenticationMechanism(java.lang.String realmName,
                                    java.lang.String mechanismName)

BasicAuthenticationMechanism

public BasicAuthenticationMechanism(java.lang.String realmName,
                                    java.lang.String mechanismName,
                                    boolean silent)

BasicAuthenticationMechanism

public BasicAuthenticationMechanism(java.lang.String realmName,
                                    java.lang.String mechanismName,
                                    boolean silent,
                                    IdentityManager identityManager)

BasicAuthenticationMechanism

public BasicAuthenticationMechanism(java.lang.String realmName,
                                    java.lang.String mechanismName,
                                    boolean silent,
                                    IdentityManager identityManager,
                                    java.nio.charset.Charset charset,
                                    java.util.Map<java.util.regex.Pattern,java.nio.charset.Charset> userAgentCharsets)

Method Detail

authenticate

public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange,
                                                                           SecurityContext securityContext)

Description copied from interface: AuthenticationMechanism

Perform authentication of the request. Any potentially blocking work should be performed in the handoff executor provided

Specified by:

authenticate in interface AuthenticationMechanism

Parameters:

exchange - The exchange

Returns:

See Also:

HttpHandler.handleRequest(io.undertow.server.HttpServerExchange)

sendChallenge

public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange exchange,
                                                             SecurityContext securityContext)

Description copied from interface: AuthenticationMechanism

Send an authentication challenge to the remote client.

The individual mechanisms should update the response headers and body of the message as appropriate however they should not set the response code, instead that should be indicated in the AuthenticationMechanism.ChallengeResult and the most appropriate overall response code will be selected. This method should not return null.

Specified by:

sendChallenge in interface AuthenticationMechanism

Parameters:

exchange - The exchange

securityContext - The security context

Returns:

A AuthenticationMechanism.ChallengeResult indicating if a challenge was sent and the desired response code.