org.restlet.ext.crypto
Class DigestAuthenticator

java.lang.Object
  extended by org.restlet.Restlet
      extended by org.restlet.routing.Filter
          extended by org.restlet.security.Authenticator
              extended by org.restlet.security.ChallengeAuthenticator
                  extended by org.restlet.ext.crypto.DigestAuthenticator
All Implemented Interfaces:
Uniform

public class DigestAuthenticator
extends ChallengeAuthenticator

Authenticator supporting the digest challenge authentication schemes. By default, it only knows about the ChallengeScheme.HTTP_DIGEST scheme.

Author:
Jerome Louvel
See Also:
DigestVerifier, DigestAuthenticator

Field Summary
 
Fields inherited from class org.restlet.routing.Filter
CONTINUE, SKIP, STOP
 
Constructor Summary
DigestAuthenticator(Context context, boolean optional, String realm, List<Reference> domainRefs, String serverKey)
          Constructor.
DigestAuthenticator(Context context, String realm, String serverKey)
          Constructor.
 
Method Summary
protected  ChallengeRequest createChallengeRequest(boolean stale)
           
 String generateServerNonce()
          Generates a server nonce.
 List<Reference> getDomainRefs()
          Returns the base URI references that collectively define the protected domains for the digest authentication.
 String getHashedSecret(String identifier, char[] secret)
          Return the hashed secret.
 long getMaxServerNonceAge()
          Returns the number of milliseconds between each mandatory nonce refresh.
 String getServerKey()
          Returns the secret key known only by server.
 DigestVerifier<LocalVerifier> getVerifier()
           
 void setDomainRefs(List<Reference> domainRefs)
          Sets the URI references that define the protection domains for the digest authentication.
 void setMaxServerNonceAge(long maxServerNonceAge)
          Sets the number of milliseconds between each mandatory nonce refresh.
 void setServerKey(String serverKey)
          Sets the secret key known only by server.
 void setVerifier(Verifier verifier)
          Set the internal verifier.
 void setWrappedAlgorithm(String wrappedAlgorithm)
          Sets the digest algorithm of secrets returned by the wrapped verifier.
 void setWrappedVerifier(LocalVerifier localVerifier)
          Sets the secret verifier that will be wrapped by real verifier supporting all the HTTP DIGEST verifications (nonce, domain URIs, etc.).
 
Methods inherited from class org.restlet.security.ChallengeAuthenticator
authenticate, challenge, forbid, getRealm, getScheme, isRechallenging, setRealm, setRechallenging
 
Methods inherited from class org.restlet.security.Authenticator
authenticated, beforeHandle, getEnroler, isMultiAuthenticating, isOptional, setEnroler, setMultiAuthenticating, setOptional, unauthenticated
 
Methods inherited from class org.restlet.routing.Filter
afterHandle, doHandle, getNext, handle, hasNext, setNext, setNext, start, stop
 
Methods inherited from class org.restlet.Restlet
createFinder, finalize, getApplication, getAuthor, getContext, getDescription, getFinderClass, getLogger, getName, getOwner, handle, handle, handle, isStarted, isStopped, setAuthor, setContext, setDescription, setFinderClass, setName, setOwner
 
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DigestAuthenticator

public DigestAuthenticator(Context context,
                           boolean optional,
                           String realm,
                           List<Reference> domainRefs,
                           String serverKey)
Constructor. Sets the challenge scheme to ChallengeScheme.HTTP_DIGEST and the nonce lifespan to 5 minutes by default.

Parameters:
context - The context.
optional - Indicates if the authentication success is optional.
realm - The authentication realm.
domainRefs - The URI references that define the protection domains.
serverKey - The secret key known only to server.

DigestAuthenticator

public DigestAuthenticator(Context context,
                           String realm,
                           String serverKey)
Constructor. By default, it set the "optional" property to 'false' and the "domainUris" property to a single '/' URI.

Parameters:
context - The context.
realm - The authentication realm.
serverKey - secret key known only to server
Method Detail

createChallengeRequest

protected ChallengeRequest createChallengeRequest(boolean stale)
Overrides:
createChallengeRequest in class ChallengeAuthenticator

generateServerNonce

public String generateServerNonce()
Generates a server nonce.

Returns:
A new server nonce.

getDomainRefs

public List<Reference> getDomainRefs()
Returns the base URI references that collectively define the protected domains for the digest authentication. By default it return a list with a single "/" URI reference.

Returns:
The base URI references.

getHashedSecret

public String getHashedSecret(String identifier,
                              char[] secret)
Return the hashed secret. By default, it knows how to hash HTTP DIGEST secrets, specified as A1 in section 3.2.2.2 of RFC2617, or null if the identifier has no corresponding secret.

Parameters:
identifier - The user identifier to hash.
secret - The user secret.
Returns:
A hash of the user name, realm, and password.

getMaxServerNonceAge

public long getMaxServerNonceAge()
Returns the number of milliseconds between each mandatory nonce refresh.

Returns:
The server nonce lifespan.

getServerKey

public String getServerKey()
Returns the secret key known only by server.

Returns:
The server secret key.

getVerifier

public DigestVerifier<LocalVerifier> getVerifier()
Overrides:
getVerifier in class ChallengeAuthenticator

setDomainRefs

public void setDomainRefs(List<Reference> domainRefs)
Sets the URI references that define the protection domains for the digest authentication.

Parameters:
domainRefs - The base URI references.

setMaxServerNonceAge

public void setMaxServerNonceAge(long maxServerNonceAge)
Sets the number of milliseconds between each mandatory nonce refresh.

Parameters:
maxServerNonceAge - The nonce lifespan in milliseconds.

setServerKey

public void setServerKey(String serverKey)
Sets the secret key known only by server.

Parameters:
serverKey - The server secret key.

setVerifier

public void setVerifier(Verifier verifier)
Set the internal verifier. In general you shouldn't replace it and instead use the setWrappedVerifier(LocalVerifier) method.

Overrides:
setVerifier in class ChallengeAuthenticator
Parameters:
verifier - The internal verifier.

setWrappedAlgorithm

public void setWrappedAlgorithm(String wrappedAlgorithm)
Sets the digest algorithm of secrets returned by the wrapped verifier. The secrets from the wrapped verifier are the ones used by the verifier to compare those sent by clients when attempting to authenticate.

Parameters:
wrappedAlgorithm - The digest algorithm of secrets returned by the wrapped verifier.
See Also:
Digest

setWrappedVerifier

public void setWrappedVerifier(LocalVerifier localVerifier)
Sets the secret verifier that will be wrapped by real verifier supporting all the HTTP DIGEST verifications (nonce, domain URIs, etc.).

Parameters:
localVerifier - The local verifier to wrap.


Copyright © 2005-2013 Restlet.