IAuthSession

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

electric.http.authentication
Interface IAuthSession

All Known Implementing Classes:: BasicAuthSession, DigestAuthSession

public interface IAuthSession

IAuthSession. Maintain the HTTP security session state. A single AuthSession may be shared between many theads.

Author:: webMethods

Method Summary
`boolean`	`authenticateRealm(XURL host, OutboundHTTPRequest request, AuthHeaderData authData)` Given the data from a WWW-Authenticate challenge header, plus locally maintained state, calculate the appropriate response and add it to the outgoing request.
`PasswordCredentials`	`getCredentials()`
`AuthHeaderData`	`parseAuthHeader(java.lang.String header)` Given a WWW-Authenticate challenge header, parse it and return the results as an AuthHeaderData.
`void`	`preAuthenticate(XURL host, OutboundHTTPRequest request)` If we have enough information to add an authentication header, then add it.
`void`	`setCredentials(PasswordCredentials credentials)` Users specify credentials as user names and passwords.

Method Detail

parseAuthHeader

public AuthHeaderData parseAuthHeader(java.lang.String header)

Given a WWW-Authenticate challenge header, parse it and return the results as an AuthHeaderData. This can be used to find the appropriate realm and look up credentials for use in authenticateRealm.

Parameters:: header - WWWAuthenticate header

authenticateRealm

public boolean authenticateRealm(XURL host,
                                 OutboundHTTPRequest request,
                                 AuthHeaderData authData)

Given the data from a WWW-Authenticate challenge header, plus locally maintained state, calculate the appropriate response and add it to the outgoing request. The authenticator must update the copy of authData in authSession to match the options chosen from those presented in authData. Return true if the caller should retry the request if this request fails, false otherwise. (No point in retrying Basic, but Digest may return new information in the next 401)

Parameters:: host - Server; request -; authData - Information from WWW-Authenticate header

preAuthenticate

public void preAuthenticate(XURL host,
                            OutboundHTTPRequest request)

If we have enough information to add an authentication header, then add it. (Some schemes, like BASIC, allow speculative authentication before a 401 is received)

Parameters:: host -; request -

setCredentials

public void setCredentials(PasswordCredentials credentials)

Users specify credentials as user names and passwords. The AuthSession will convert them into the appropriate format for authenticating to the server.

Parameters:: credentials -

getCredentials

public PasswordCredentials getCredentials()

Returns:: credentials associated with this auth session