Package io.undertow.security.impl
Class BasicAuthenticationMechanism
java.lang.Object
io.undertow.security.impl.BasicAuthenticationMechanism
- All Implemented Interfaces:
AuthenticationMechanism
The authentication handler responsible for BASIC authentication as described by RFC2617
- Author:
- Darran Lofthouse
-
Nested Class Summary
Nested ClassesNested classes/interfaces inherited from interface io.undertow.security.api.AuthenticationMechanism
AuthenticationMechanism.AuthenticationMechanismOutcome, AuthenticationMechanism.ChallengeResult
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String
static final AuthenticationMechanismFactory
static final String
static final String
A comma separated list of patterns and charsets. -
Constructor Summary
ConstructorsConstructorDescriptionBasicAuthenticationMechanism
(String realmName) BasicAuthenticationMechanism
(String realmName, String mechanismName) BasicAuthenticationMechanism
(String realmName, String mechanismName, boolean silent) BasicAuthenticationMechanism
(String realmName, String mechanismName, boolean silent, IdentityManager identityManager) BasicAuthenticationMechanism
(String realmName, String mechanismName, boolean silent, IdentityManager identityManager, Charset charset, Map<Pattern, Charset> userAgentCharsets) -
Method Summary
Modifier and TypeMethodDescriptionauthenticate
(HttpServerExchange exchange, SecurityContext securityContext) Perform authentication of the request.sendChallenge
(HttpServerExchange exchange, SecurityContext securityContext) Send an authentication challenge to the remote client.
-
Field Details
-
FACTORY
-
SILENT
- See Also:
-
CHARSET
- See Also:
-
USER_AGENT_CHARSETS
A comma separated list of patterns and charsets. The pattern is a regular expression. Because different browsers user different encodings this allows for the correct encoding to be selected based on the current browser. In general though it is recommended that BASIC auth not be used when passwords contain characters outside ASCII, as some browsers use the current locate to determine encoding. This list must have an even number of elements, as it is interpreted as pattern,charset,pattern,charset,...- See Also:
-
-
Constructor Details
-
BasicAuthenticationMechanism
-
BasicAuthenticationMechanism
-
BasicAuthenticationMechanism
-
BasicAuthenticationMechanism
public BasicAuthenticationMechanism(String realmName, String mechanismName, boolean silent, IdentityManager identityManager) -
BasicAuthenticationMechanism
-
-
Method Details
-
authenticate
public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) Description copied from interface:AuthenticationMechanism
Perform authentication of the request. Any potentially blocking work should be performed in the handoff executor provided- Specified by:
authenticate
in interfaceAuthenticationMechanism
- Parameters:
exchange
- The exchange- Returns:
- See Also:
-
sendChallenge
public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) Description copied from interface:AuthenticationMechanism
Send an authentication challenge to the remote client.The individual mechanisms should update the response headers and body of the message as appropriate however they should not set the response code, instead that should be indicated in the
AuthenticationMechanism.ChallengeResult
and the most appropriate overall response code will be selected. This method should not returnnull
.- Specified by:
sendChallenge
in interfaceAuthenticationMechanism
- Parameters:
exchange
- The exchangesecurityContext
- The security context- Returns:
- A
AuthenticationMechanism.ChallengeResult
indicating if a challenge was sent and the desired response code.
-