org.apache.http.auth
Interface AuthScheme

All Known Subinterfaces:

ContextAwareAuthScheme

All Known Implementing Classes:

AuthSchemeBase, BasicScheme, DigestScheme, GGSSchemeBase, KerberosScheme, NegotiateScheme, NTLMScheme, RFC2617Scheme, SPNegoScheme

public interface AuthScheme

This interface represents an abstract challenge-response oriented authentication scheme.

An authentication scheme should be able to support the following functions:

• Parse and process the challenge sent by the target server in response to request for a protected resource
• Provide its textual designation
• Provide its parameters, if available
• Provide the realm this authentication scheme is applicable to, if available
• Generate authorization string for the given set of credentials and the HTTP request in response to the authorization challenge.

Authentication schemes may be stateful involving a series of challenge-response exchanges.

IMPORTANT: implementations of this interface MUST also implement ContextAwareAuthScheme interface in order to remain API compatible with newer versions of HttpClient.

Since:

4.0

Method Summary

org.apache.http.Header	authenticate(Credentials credentials, org.apache.http.HttpRequest request) Deprecated. (4.1) Use ContextAwareAuthScheme.authenticate(Credentials, HttpRequest, org.apache.http.protocol.HttpContext)
String	getParameter(String name) Returns authentication parameter with the given name, if available.
String	getRealm() Returns authentication realm.
String	getSchemeName() Returns textual designation of the given authentication scheme.
boolean	isComplete() Authentication process may involve a series of challenge-response exchanges.
boolean	isConnectionBased() Tests if the authentication scheme is provides authorization on a per connection basis instead of usual per request basis
void	processChallenge(org.apache.http.Header header) Processes the given challenge token.

Method Detail

processChallenge

void processChallenge(org.apache.http.Header header)
                      throws MalformedChallengeException

Processes the given challenge token. Some authentication schemes may involve multiple challenge-response exchanges. Such schemes must be able to maintain the state information when dealing with sequential challenges

Parameters:

header - the challenge header

Throws:

MalformedChallengeException

getSchemeName

String getSchemeName()

Returns textual designation of the given authentication scheme.

Returns:

the name of the given authentication scheme

getParameter

String getParameter(String name)

Returns authentication parameter with the given name, if available.

Parameters:

name - The name of the parameter to be returned

Returns:

the parameter with the given name

getRealm

String getRealm()

Returns authentication realm. If the concept of an authentication realm is not applicable to the given authentication scheme, returns null.

Returns:

the authentication realm

isConnectionBased

boolean isConnectionBased()

Tests if the authentication scheme is provides authorization on a per connection basis instead of usual per request basis

Returns:

true if the scheme is connection based, false if the scheme is request based.

isComplete

boolean isComplete()

Authentication process may involve a series of challenge-response exchanges. This method tests if the authorization process has been completed, either successfully or unsuccessfully, that is, all the required authorization challenges have been processed in their entirety.

Returns:

true if the authentication process has been completed, false otherwise.

authenticate

@Deprecated
org.apache.http.Header authenticate(Credentials credentials,
                                               org.apache.http.HttpRequest request)
                                    throws AuthenticationException

Deprecated. (4.1) Use ContextAwareAuthScheme.authenticate(Credentials, HttpRequest, org.apache.http.protocol.HttpContext)

Produces an authorization string for the given set of Credentials.

Parameters:

credentials - The set of credentials to be used for athentication

request - The request being authenticated

Returns:

the authorization string

Throws:

AuthenticationException - if authorization string cannot be generated due to an authentication failure