Package org.nuxeo.ecm.ui.web.auth.digest
Class DigestAuthenticator
java.lang.Object
org.nuxeo.ecm.ui.web.auth.digest.DigestAuthenticator
- All Implemented Interfaces:
NuxeoAuthenticationPlugin
Nuxeo Authenticator for HTTP Digest Access Authentication (RFC 2617).
-
Field Summary
Modifier and TypeFieldDescriptionprotected String
protected static final String
protected static final String
protected static final long
protected static final String
protected static final String
protected static final String
protected static final String
protected long
protected static final String
protected static final String
protected static final String
protected String
protected static final String
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected static String
computeDigest
(String ha1, String httpMethod, String uri, String qop, String nonce, String nc, String cnonce) protected String
getStoredHA1
(String username) Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.protected String
getValidatedUsername
(Map<String, String> headerMap) handleLoginPrompt
(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL) Handles the Login Prompt.handleRetrieveIdentity
(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Retrieves user identification information from the request.void
initPlugin
(Map<String, String> parameters) Initializes the Plugin from parameters set in the XML descriptor.needLoginPrompt
(javax.servlet.http.HttpServletRequest httpRequest) Defines if the authentication plugin needs to do a login prompt.splitParameters
(String auth)
-
Field Details
-
DEFAULT_REALMNAME
- See Also:
-
DEFAULT_NONCE_VALIDITY_SECONDS
protected static final long DEFAULT_NONCE_VALIDITY_SECONDS- See Also:
-
REALM
- See Also:
-
HTTP_METHOD
- See Also:
-
URI
- See Also:
-
QOP
- See Also:
-
NONCE
- See Also:
-
NC
- See Also:
-
CNONCE
- See Also:
-
REALM_NAME_KEY
- See Also:
-
BA_HEADER_NAME
- See Also:
-
realmName
-
nonceValiditySeconds
protected long nonceValiditySeconds -
accessKey
-
-
Constructor Details
-
DigestAuthenticator
public DigestAuthenticator()
-
-
Method Details
-
handleLoginPrompt
public Boolean handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL) Description copied from interface:NuxeoAuthenticationPlugin
Handles the Login Prompt.- Specified by:
handleLoginPrompt
in interfaceNuxeoAuthenticationPlugin
- Parameters:
httpRequest
- the requesthttpResponse
- the response- Returns:
- true if AuthFilter must stop execution (ie: login prompt generated a redirect), false otherwise
-
handleRetrieveIdentity
public UserIdentificationInfo handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Description copied from interface:NuxeoAuthenticationPlugin
Retrieves user identification information from the request.- Specified by:
handleRetrieveIdentity
in interfaceNuxeoAuthenticationPlugin
- Parameters:
httpRequest
- the requesthttpResponse
- the response
-
needLoginPrompt
Description copied from interface:NuxeoAuthenticationPlugin
Defines if the authentication plugin needs to do a login prompt.- Specified by:
needLoginPrompt
in interfaceNuxeoAuthenticationPlugin
- Returns:
- true if LoginPrompt is used
-
initPlugin
Description copied from interface:NuxeoAuthenticationPlugin
Initializes the Plugin from parameters set in the XML descriptor.- Specified by:
initPlugin
in interfaceNuxeoAuthenticationPlugin
-
getUnAuthenticatedURLPrefix
Description copied from interface:NuxeoAuthenticationPlugin
Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.- Specified by:
getUnAuthenticatedURLPrefix
in interfaceNuxeoAuthenticationPlugin
-
splitParameters
-
getValidatedUsername
-
computeDigest
protected static String computeDigest(String ha1, String httpMethod, String uri, String qop, String nonce, String nc, String cnonce) throws IllegalArgumentException - Throws:
IllegalArgumentException
-
getStoredHA1
-