org.eclipse.webdav.internal.authentication
Class AuthorizationAuthority
java.lang.Object
org.eclipse.webdav.internal.authentication.AuthorizationAuthority
- Direct Known Subclasses:
- BasicAuthority, DigestAuthority
public class AuthorizationAuthority
- extends Object
The AuthorizationAuthority
authorizes client
Requests for communication with HTTP servers. Subclasses
provide the necessary behavior for different authentication schemes.
Constructor Summary |
AuthorizationAuthority(IAuthenticator authenticatorStore)
Creates a new authenticator that stores its authentication information
in the given authenticator store. |
Method Summary |
boolean |
authorize(Request request,
IResponse response,
IContext context,
URL proxyServerUrl,
boolean isProxyAuthorization)
Authorizes the given request by setting its authorization credentials
in the given context. |
boolean |
confirm(Request request,
IResponse response,
URL proxyServerUrl)
Confirms whether the given response is valid by proving the server
knows the client's authentication secret (password). |
protected boolean |
confirmResponse(Request request,
IResponse response,
URL proxyServerUrl)
Confirms whether the given response is valid by proving the server
knows the client's authentication secret (password). |
protected Map |
getAuthenticationInfo(AuthenticateChallenge challenge,
Map oldInfo,
URL serverUrl,
URL protectionSpaceUrl)
Returns the new authentication information gleaned from the given
authenticate challenge and the given old authentication information. |
protected String |
getAuthorization(Request request,
Map info,
URL serverUrl,
URL protectionSpaceUrl,
URL proxyServerUrl)
Returns the authorization credentials for the given request. |
protected String |
md5(Request request)
Computes the MD5 hash value of the body of the given request and
returns the result as a HEX String . |
protected String |
md5(String s)
Computes the MD5 hash value of the given String and
returns the result as a HEX String . |
protected String |
unquote(String s)
Returns the given String with its quotes removed. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
authenticationSchemes
public static String[] authenticationSchemes
authenticatorStore
protected IAuthenticator authenticatorStore
AuthorizationAuthority
public AuthorizationAuthority(IAuthenticator authenticatorStore)
- Creates a new authenticator that stores its authentication information
in the given authenticator store.
- Parameters:
authenticatorStore
- a store that holds authentication
information
authorize
public boolean authorize(Request request,
IResponse response,
IContext context,
URL proxyServerUrl,
boolean isProxyAuthorization)
- Authorizes the given request by setting its authorization credentials
in the given context. If the given response is not
null
,
it is assumed to contain an authenticate challenge that is used to
derive the authorization credentials. Returns true if the authorization
succeeds, and false otherwise.
- Parameters:
request
- the request to authorizeresponse
- the response containing the authenticate challengecontext
- the context where the authorization credentials are setproxyServerUrl
- the URL of the proxy server, or null
if there is no proxy serverisProxyAuthorization
- a boolean indicating whether the
authorization credentials should be computed for the proxy server or
the origin server
- Returns:
- a boolean indicating whether the request was successfully
authorized
confirm
public boolean confirm(Request request,
IResponse response,
URL proxyServerUrl)
- Confirms whether the given response is valid by proving the server
knows the client's authentication secret (password). Moreover, the
server may wish to communicate some authentication information in the
response for the purposes of authorizing future request.
- Parameters:
request
- the request that has already been sentresponse
- the response back from the server to be verifiedproxyServerUrl
- the URL of the proxy server, or null
if there is none
confirmResponse
protected boolean confirmResponse(Request request,
IResponse response,
URL proxyServerUrl)
- Confirms whether the given response is valid by proving the server
knows the client's authentication secret (password). Moreover, the
server may wish to communicate some authentication information in the
response for the purposes of authorizing future request.
This method should be overridden by schema specific authenticators.
- Parameters:
request
- the request that has already been sentresponse
- the response back from the server to be verifiedproxyServerUrl
- the URL of the proxy server, or null
if there is none
getAuthenticationInfo
protected Map getAuthenticationInfo(AuthenticateChallenge challenge,
Map oldInfo,
URL serverUrl,
URL protectionSpaceUrl)
- Returns the new authentication information gleaned from the given
authenticate challenge and the given old authentication information.
The old authentication information may be
null
.
The authentication information usually contains directives such as
usernames and passwords.
This method should be overridden by schema specific authenticators.
- Parameters:
challenge
- the authenticate challenge from the serveroldInfo
- the old authentication informationserverUrl
- the URL of the serverprotectionSpaceUrl
- the URL of the protected resource
- Returns:
- new authentication information
getAuthorization
protected String getAuthorization(Request request,
Map info,
URL serverUrl,
URL protectionSpaceUrl,
URL proxyServerUrl)
- Returns the authorization credentials for the given request. The
authorization credentials are derived from the given authentication
info. The authentication info may contain directives such as usernames
and passwords.
This method should be overridden by schema specific authenticators.
- Parameters:
request
- the request being authorizedinfo
- the authentication information used to derive the
authorization credentialsserverUrl
- the URL of the serverprotectionSpaceUrl
- the URL of the protected resourceproxyServerUrl
- the URL of the proxy server, or null
if there is none
- Returns:
- the authorization credentials for the given request
md5
protected String md5(String s)
throws NoSuchAlgorithmException,
UnsupportedEncodingException
- Computes the MD5 hash value of the given
String
and
returns the result as a HEX String
.
- Parameters:
s
-
- Returns:
- a HEX
String
containing the MD5 hash value of the
given String
- Throws:
NoSuchAlgorithmException
UnsupportedEncodingException
md5
protected String md5(Request request)
throws NoSuchAlgorithmException,
IOException
- Computes the MD5 hash value of the body of the given request and
returns the result as a HEX
String
.
- Parameters:
request
-
- Returns:
- a HEX
String
containing the MD5 hash value of the
body of the given request
- Throws:
NoSuchAlgorithmException
IOException
unquote
protected String unquote(String s)
- Returns the given
String
with its quotes removed.
- Parameters:
s
- a String
- Returns:
- the given
String
with its quotes removed
Copyright © 2001-2014 JBoss by Red Hat. All Rights Reserved.