Class BasicAuthenticator
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.valves.ValveBase
-
- org.apache.catalina.authenticator.AuthenticatorBase
-
- org.apache.catalina.authenticator.BasicAuthenticator
-
- All Implemented Interfaces:
RegistrationListener
,javax.management.MBeanRegistration
,Authenticator
,Contained
,JmxEnabled
,Lifecycle
,Valve
public class BasicAuthenticator extends AuthenticatorBase
An Authenticator and Valve implementation of HTTP BASIC Authentication, as outlined in RFC 2617: "HTTP Authentication: Basic and Digest Access Authentication."- Author:
- Craig R. McClanahan
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
BasicAuthenticator.BasicCredentials
Parser for an HTTP Authorization header for BASIC authentication as per RFC 2617 section 2, and the Base64 encoded credentials as per RFC 2045 section 6.8.-
Nested classes/interfaces inherited from class org.apache.catalina.authenticator.AuthenticatorBase
AuthenticatorBase.AllowCorsPreflight
-
Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse
-
-
Field Summary
-
Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase
alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, jaspicCallbackHandlerClass, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sendAuthInfoResponseHeaders, sessionIdGenerator, sm, sso
-
Fields inherited from class org.apache.catalina.valves.ValveBase
asyncSupported, container, containerLog, next
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description BasicAuthenticator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected boolean
doAuthenticate(Request request, HttpServletResponse response)
Provided for sub-classes to implement their specific authentication mechanism.protected java.lang.String
getAuthMethod()
java.lang.String
getCharset()
boolean
getTrimCredentials()
protected boolean
isPreemptiveAuthPossible(Request request)
Can the authenticator perform preemptive authentication for the given request?void
setCharset(java.lang.String charsetString)
void
setTrimCredentials(boolean trimCredentials)
-
Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase
allowCorsPreflightBypass, associate, authenticate, changeSessionID, checkForCachedAuthentication, doLogin, getAllowCorsPreflight, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getJaspicCallbackHandlerClass, getRealmName, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, isContinuationRequired, isSendAuthInfoResponseHeaders, login, logout, notify, reauthenticateFromSSO, register, register, setAllowCorsPreflight, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setJaspicCallbackHandlerClass, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, setSendAuthInfoResponseHeaders, startInternal, stopInternal
-
Methods inherited from class org.apache.catalina.valves.ValveBase
backgroundProcess, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toString
-
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
-
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
-
-
-
-
Method Detail
-
getCharset
public java.lang.String getCharset()
-
setCharset
public void setCharset(java.lang.String charsetString)
-
getTrimCredentials
public boolean getTrimCredentials()
-
setTrimCredentials
public void setTrimCredentials(boolean trimCredentials)
-
doAuthenticate
protected boolean doAuthenticate(Request request, HttpServletResponse response) throws java.io.IOException
Description copied from class:AuthenticatorBase
Provided for sub-classes to implement their specific authentication mechanism.- Specified by:
doAuthenticate
in classAuthenticatorBase
- Parameters:
request
- The request that triggered the authenticationresponse
- The response associated with the request- Returns:
true
if the the user was authenticated, otherwisefalse
, in which case an authentication challenge will have been written to the response- Throws:
java.io.IOException
- If an I/O problem occurred during the authentication process
-
getAuthMethod
protected java.lang.String getAuthMethod()
- Specified by:
getAuthMethod
in classAuthenticatorBase
-
isPreemptiveAuthPossible
protected boolean isPreemptiveAuthPossible(Request request)
Description copied from class:AuthenticatorBase
Can the authenticator perform preemptive authentication for the given request?- Overrides:
isPreemptiveAuthPossible
in classAuthenticatorBase
- Parameters:
request
- The request to check for credentials- Returns:
true
if preemptive authentication is possible, otherwisefalse
-
-