com.caucho.http.security
Class DigestLogin

java.lang.Object
  |
  +--com.caucho.http.security.AbstractLogin
        |
        +--com.caucho.http.security.DigestLogin

public class DigestLogin
extends AbstractLogin

Implements the "digest" auth-method. Basic uses the HTTP authentication with WWW-Authenticate and SC_UNAUTHORIZE.


Field Summary
protected  java.lang.String realm
           
 
Fields inherited from class com.caucho.http.security.AbstractLogin
auth, dbg
 
Constructor Summary
DigestLogin()
           
 
Method Summary
 java.security.Principal authenticate(HttpServletRequest request, HttpServletResponse response, ServletContext application)
          Logs a user in with a user name and a password.
protected  byte[] decodeDigest(java.lang.String digest)
           
 java.lang.String getAuthType()
          Returns the authentication type.
protected  java.security.Principal getDigestPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application)
          Returns the principal from a basic authentication
protected  long getRandomLong(ServletContext application)
           
 java.lang.String getRealmName()
          Gets the realm.
 java.security.Principal getUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application)
          Returns the current user with the user name and password.
protected  java.lang.String scanKey(CharCursor cursor)
           
protected  java.lang.String scanValue(CharCursor cursor)
           
protected  void sendDigestChallenge(HttpServletResponse res, ServletContext application)
          Sends a challenge for basic authentication.
 void setRealmName(java.lang.String realm)
          Sets the login realm.
protected  void skipWhitespace(CharCursor cursor)
           
 
Methods inherited from class com.caucho.http.security.AbstractLogin
getAuthenticator, init, isUserInRole, logout, setAuthenticator
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

realm

protected java.lang.String realm
Constructor Detail

DigestLogin

public DigestLogin()
Method Detail

setRealmName

public void setRealmName(java.lang.String realm)
Sets the login realm.

getRealmName

public java.lang.String getRealmName()
Gets the realm.

getAuthType

public java.lang.String getAuthType()
Returns the authentication type.
Overrides:
getAuthType in class AbstractLogin

authenticate

public java.security.Principal authenticate(HttpServletRequest request,
                                            HttpServletResponse response,
                                            ServletContext application)
                                     throws ServletException,
                                            java.io.IOException
Logs a user in with a user name and a password. Basic authentication extracts the user and password from the authorization header. If the user/password is missing, authenticate will send a basic challenge.
Overrides:
authenticate in class AbstractLogin
Parameters:
request - servlet request
response - servlet response, in case any cookie need sending.
application - servlet application
Returns:
the logged in principal on success, null on failure.

getUserPrincipal

public java.security.Principal getUserPrincipal(HttpServletRequest request,
                                                HttpServletResponse response,
                                                ServletContext application)
                                         throws ServletException
Returns the current user with the user name and password.
Overrides:
getUserPrincipal in class AbstractLogin
Parameters:
request - servlet request
response - servlet response, in case any cookie need sending.
application - servlet application
Returns:
the logged in principal on success, null on failure.

sendDigestChallenge

protected void sendDigestChallenge(HttpServletResponse res,
                                   ServletContext application)
                            throws ServletException,
                                   java.io.IOException
Sends a challenge for basic authentication.

getRandomLong

protected long getRandomLong(ServletContext application)

getDigestPrincipal

protected java.security.Principal getDigestPrincipal(HttpServletRequest request,
                                                     HttpServletResponse response,
                                                     ServletContext application)
                                              throws ServletException
Returns the principal from a basic authentication
Parameters:
auth - the authenticator for this application.

decodeDigest

protected byte[] decodeDigest(java.lang.String digest)

scanKey

protected java.lang.String scanKey(CharCursor cursor)
                            throws ServletException

scanValue

protected java.lang.String scanValue(CharCursor cursor)
                              throws ServletException

skipWhitespace

protected void skipWhitespace(CharCursor cursor)