Package io.undertow.security.api
Interface NonceManager
- All Known Subinterfaces:
SessionNonceManager
- All Known Implementing Classes:
SimpleNonceManager
public interface NonceManager
A NonceManager is used by the HTTP Digest authentication mechanism to request nonces and to validate the nonces sent from the
client.
- Author:
- Darran Lofthouse
Method Summary

| Modifier and Type | Method | Description |
|---|---|---|
| String | nextNonce(String lastNonce, HttpServerExchange exchange) | Select the next nonce to be sent from the server taking into account the last valid nonce. |
| boolean | validateNonce(String nonce, int nonceCount, HttpServerExchange exchange) | Validate that a nonce can be used. |

Method Details
nextNonce
Select the next nonce to be sent from the server, taking into account the last valid nonce. It is both possible and likely that the nonce last used by the client will still be valid; in that case the same nonce will be returned.
- Parameters:
lastNonce - The last valid nonce received from the client, or null if we don't already have a nonce.
- Returns:
The next nonce to be sent in a challenge to the client.

validateNonce
Validate that a nonce can be used. If the nonce cannot be used but the related digest was correct, then a new nonce should be returned to the client indicating that the nonce was stale. For implementations of this interface this method is not expected to be idempotent, i.e. once a nonce is validated with a specific nonceCount it is not expected that this method will return true again if the same combination is presented. This method is expected to ONLY be called if the user's credentials are valid: a storage overhead could be incurred, and this overhead must not be accessible to unauthenticated clients.
- Parameters:
nonce - The nonce received from the client.
nonceCount - The nonce count from the client, or -1 if none specified.
- Returns:
true if the nonce can be used, otherwise false.
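
The contract described above, as an added sketch that is not part of the original Javadoc or Undertow's own code: `nextNonce` hands back a still-valid nonce and stores nothing per challenge, while `validateNonce` is non-idempotent and is the only place state is written. The class name, the 5-minute lifetime, the HMAC-signed nonce format and the strictly increasing nonce-count rule are assumptions of the example.

```java
import static java.nio.charset.StandardCharsets.UTF_8;
import io.undertow.security.api.NonceManager;
import io.undertow.server.HttpServerExchange;
import java.security.*;
import java.util.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Added example: hypothetical class, not Undertow's own implementation.
public class ReplayTrackingNonceManager implements NonceManager {
    private static final long LIFETIME_MS = 5 * 60 * 1000L;    // assumed nonce lifetime
    private final SecureRandom random = new SecureRandom();
    private final byte[] key = new byte[32];                   // per-instance MAC key
    private final Map<String, Integer> seen = new HashMap<>(); // highest count accepted per nonce
    public ReplayTrackingNonceManager() { random.nextBytes(key); }

    private byte[] tag(String body) { // base64url(HMAC-SHA256(key, body))
        try {
            Mac m = Mac.getInstance("HmacSHA256");
            m.init(new SecretKeySpec(key, "HmacSHA256"));
            return Base64.getUrlEncoder().withoutPadding().encode(m.doFinal(body.getBytes(UTF_8)));
        } catch (GeneralSecurityException e) { throw new IllegalStateException(e); }
    }
    // True if the nonce carries our MAC and is younger than LIFETIME_MS.
    private boolean fresh(String nonce) {
        int sep = nonce == null ? -1 : nonce.lastIndexOf(':');
        if (sep < 0) return false;
        String body = nonce.substring(0, sep);
        if (!MessageDigest.isEqual(tag(body), nonce.substring(sep + 1).getBytes(UTF_8))) return false;
        // The MAC matched, so the body is one we built: "<issued millis>:<random hex>".
        long issued = Long.parseLong(body.substring(0, body.indexOf(':')));
        return System.currentTimeMillis() - issued < LIFETIME_MS;
    }

    @Override
    public String nextNonce(String lastNonce, HttpServerExchange exchange) {
        if (fresh(lastNonce)) return lastNonce; // still valid: return the same nonce
        String body = System.currentTimeMillis() + ":" + Long.toHexString(random.nextLong());
        return body + ":" + new String(tag(body), UTF_8); // nothing is stored per challenge
    }

    @Override
    public synchronized boolean validateNonce(String nonce, int nonceCount, HttpServerExchange exchange) {
        if (!fresh(nonce)) return false; // forged or stale: the caller sends a new nonce
        int count = nonceCount == -1 ? Integer.MAX_VALUE : nonceCount; // no count: single use
        if (seen.containsKey(nonce) && count <= seen.get(nonce)) return false; // already accepted
        seen.put(nonce, count); // state is written only here, after credentials were checked
        return true;
    }
}
```

Entries in `seen` are never evicted in this sketch; a long-running server would drop them once the nonce's lifetime has passed.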