org.apache.catalina.authenticator
public class DigestAuthenticator extends AuthenticatorBase
Version: $Revision: 467222 $ $Date: 2006-10-24 05:17:11 +0200 (Tue, 24 Oct 2006) $
Field Summary | |
---|---|
protected static String | info
Descriptive information about this implementation. |
protected String | key
Private key. |
protected static MD5Encoder | md5Encoder
The MD5 helper object for this class. |
protected static MessageDigest | md5Helper
MD5 message digest provider. |
Constructor Summary | |
---|---|
DigestAuthenticator() |
Method Summary | |
---|---|
boolean | authenticate(Request request, Response response, LoginConfig config)
Authenticate the user making this request, based on the specified
login configuration. |
protected static Principal | findPrincipal(Request request, String authorization, Realm realm)
Parse the specified authorization credentials, and return the
associated Principal that these credentials authenticate (if any)
from the specified Realm. |
protected String | generateNOnce(Request request)
Generate a unique token. |
String | getInfo()
Return descriptive information about this Valve implementation. |
protected String | parseUsername(String authorization)
Parse the username from the specified authorization string. |
protected static String | removeQuotes(String quotedString, boolean quotesRequired)
Removes the quotes on a string. |
protected static String | removeQuotes(String quotedString)
Removes the quotes on a string. |
protected void | setAuthenticateHeader(Request request, Response response, LoginConfig config, String nOnce)
Generates the WWW-Authenticate header.
|
true
if any specified
constraint has been satisfied, or false
if we have
created a response challenge already.
Parameters: request Request we are processing response Response we are creating config Login configuration describing how authentication should be performed
Throws: IOException if an input/output error occurs
null
.
Parameters: request HTTP servlet request authorization Authorization credentials from this request realm Realm used to authenticate Principals
Parameters: request HTTP Servlet request
null
Parameters: authorization Authorization string to be parsed
The header MUST follow this template :
WWW-Authenticate = "WWW-Authenticate" ":" "Digest" digest-challenge digest-challenge = 1#( realm | [ domain ] | nOnce | [ digest-opaque ] |[ stale ] | [ algorithm ] ) realm = "realm" "=" realm-value realm-value = quoted-string domain = "domain" "=" <"> 1#URI <"> nonce = "nonce" "=" nonce-value nonce-value = quoted-string opaque = "opaque" "=" quoted-string stale = "stale" "=" ( "true" | "false" ) algorithm = "algorithm" "=" ( "MD5" | token )
Parameters: request HTTP Servlet request response HTTP Servlet response config Login configuration describing how authentication should be performed nOnce nonce token