org.eclipse.webdav.internal.authentication
Class AuthorizationAuthority

java.lang.Object
  extended by org.eclipse.webdav.internal.authentication.AuthorizationAuthority
Direct Known Subclasses:
BasicAuthority, DigestAuthority

public class AuthorizationAuthority
extends Object

The AuthorizationAuthority authorizes client Requests for communication with HTTP servers. Subclasses provide the necessary behavior for different authentication schemes.


Field Summary
static String[] authenticationSchemes
           
protected  IAuthenticator authenticatorStore
           
 
Constructor Summary
AuthorizationAuthority(IAuthenticator authenticatorStore)
          Creates a new authenticator that stores its authentication information in the given authenticator store.
 
Method Summary
 boolean authorize(Request request, IResponse response, IContext context, URL proxyServerUrl, boolean isProxyAuthorization)
          Authorizes the given request by setting its authorization credentials in the given context.
 boolean confirm(Request request, IResponse response, URL proxyServerUrl)
          Confirms whether the given response is valid by proving the server knows the client's authentication secret (password).
protected  boolean confirmResponse(Request request, IResponse response, URL proxyServerUrl)
          Confirms whether the given response is valid by proving the server knows the client's authentication secret (password).
protected  Map getAuthenticationInfo(AuthenticateChallenge challenge, Map oldInfo, URL serverUrl, URL protectionSpaceUrl)
          Returns the new authentication information gleaned from the given authenticate challenge and the given old authentication information.
protected  String getAuthorization(Request request, Map info, URL serverUrl, URL protectionSpaceUrl, URL proxyServerUrl)
          Returns the authorization credentials for the given request.
protected  String md5(Request request)
          Computes the MD5 hash value of the body of the given request and returns the result as a HEX String.
protected  String md5(String s)
          Computes the MD5 hash value of the given String and returns the result as a HEX String.
protected  String unquote(String s)
          Returns the given String with its quotes removed.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

authenticationSchemes

public static String[] authenticationSchemes

authenticatorStore

protected IAuthenticator authenticatorStore
Constructor Detail

AuthorizationAuthority

public AuthorizationAuthority(IAuthenticator authenticatorStore)
Creates a new authenticator that stores its authentication information in the given authenticator store.

Parameters:
authenticatorStore - a store that holds authentication information
Method Detail

authorize

public boolean authorize(Request request,
                         IResponse response,
                         IContext context,
                         URL proxyServerUrl,
                         boolean isProxyAuthorization)
Authorizes the given request by setting its authorization credentials in the given context. If the given response is not null, it is assumed to contain an authenticate challenge that is used to derive the authorization credentials. Returns true if the authorization succeeds, and false otherwise.

Parameters:
request - the request to authorize
response - the response containing the authenticate challenge
context - the context where the authorization credentials are set
proxyServerUrl - the URL of the proxy server, or null if there is no proxy server
isProxyAuthorization - a boolean indicating whether the authorization credentials should be computed for the proxy server or the origin server
Returns:
a boolean indicating whether the request was successfully authorized

confirm

public boolean confirm(Request request,
                       IResponse response,
                       URL proxyServerUrl)
Confirms whether the given response is valid by proving the server knows the client's authentication secret (password). Moreover, the server may wish to communicate some authentication information in the response for the purposes of authorizing future request.

Parameters:
request - the request that has already been sent
response - the response back from the server to be verified
proxyServerUrl - the URL of the proxy server, or null if there is none

confirmResponse

protected boolean confirmResponse(Request request,
                                  IResponse response,
                                  URL proxyServerUrl)
Confirms whether the given response is valid by proving the server knows the client's authentication secret (password). Moreover, the server may wish to communicate some authentication information in the response for the purposes of authorizing future request.

This method should be overridden by schema specific authenticators.

Parameters:
request - the request that has already been sent
response - the response back from the server to be verified
proxyServerUrl - the URL of the proxy server, or null if there is none

getAuthenticationInfo

protected Map getAuthenticationInfo(AuthenticateChallenge challenge,
                                    Map oldInfo,
                                    URL serverUrl,
                                    URL protectionSpaceUrl)
Returns the new authentication information gleaned from the given authenticate challenge and the given old authentication information. The old authentication information may be null. The authentication information usually contains directives such as usernames and passwords.

This method should be overridden by schema specific authenticators.

Parameters:
challenge - the authenticate challenge from the server
oldInfo - the old authentication information
serverUrl - the URL of the server
protectionSpaceUrl - the URL of the protected resource
Returns:
new authentication information

getAuthorization

protected String getAuthorization(Request request,
                                  Map info,
                                  URL serverUrl,
                                  URL protectionSpaceUrl,
                                  URL proxyServerUrl)
Returns the authorization credentials for the given request. The authorization credentials are derived from the given authentication info. The authentication info may contain directives such as usernames and passwords.

This method should be overridden by schema specific authenticators.

Parameters:
request - the request being authorized
info - the authentication information used to derive the authorization credentials
serverUrl - the URL of the server
protectionSpaceUrl - the URL of the protected resource
proxyServerUrl - the URL of the proxy server, or null if there is none
Returns:
the authorization credentials for the given request

md5

protected String md5(String s)
              throws NoSuchAlgorithmException,
                     UnsupportedEncodingException
Computes the MD5 hash value of the given String and returns the result as a HEX String.

Parameters:
s -
Returns:
a HEX String containing the MD5 hash value of the given String
Throws:
NoSuchAlgorithmException
UnsupportedEncodingException

md5

protected String md5(Request request)
              throws NoSuchAlgorithmException,
                     IOException
Computes the MD5 hash value of the body of the given request and returns the result as a HEX String.

Parameters:
request -
Returns:
a HEX String containing the MD5 hash value of the body of the given request
Throws:
NoSuchAlgorithmException
IOException

unquote

protected String unquote(String s)
Returns the given String with its quotes removed.

Parameters:
s - a String
Returns:
the given String with its quotes removed


Copyright © 2001-2014 JBoss by Red Hat. All Rights Reserved.