Package org.exoplatform.common.http.client

Class DefaultAuthHandler

java.lang.Object

org.exoplatform.common.http.client.DefaultAuthHandler

All Implemented Interfaces:

AuthorizationHandler

public class DefaultAuthHandler
extends Object
implements AuthorizationHandler

This class is the default authorization handler. It currently handles the authentication schemes "Basic", "Digest", and "SOCKS5" (used for the SocksClient and not part of HTTP per se).

By default, when a username and password is required, this handler throws up a message box requesting the desired info. However, applications can set their own authorization prompter if desired.

Note: all methods except for setAuthorizationPrompter are meant to be invoked by the AuthorizationModule only, i.e. should not be invoked by the application (those methods are only public because implementing the AuthorizationHandler interface requires them to be).

Since:

V0.2

Version:

0.3-3 06/05/2001

Author:

Ronald Tschal���r

Field Summary

Fields

Modifier and Type	Field	Description
static int	CD_0
static int	CD_CHUNKED
static int	CD_CLOSE
static int	CD_CONTLEN
static int	CD_HDRS
static int	CD_MP_BR
static int	CD_NONE	Content delimiters
static int	HTTP	possible http protocols we (might) handle
static int	HTTP_1_0	some known http versions
static int	HTTP_1_1
static int	HTTP_NG
static int	HTTPS
static int	SHTTP

Constructor Summary

Constructors

Constructor	Description
DefaultAuthHandler()

Method Summary

Modifier and Type	Method	Description
AuthorizationInfo	fixupAuthInfo(AuthorizationInfo info, RoRequest req, AuthorizationInfo challenge, RoResponse resp)	For Digest authentication we need to set the uri, response and opaque parameters.
AuthorizationInfo	getAuthorization(AuthorizationInfo challenge, RoRequest req, RoResponse resp)	returns the requested authorization, or null if none was given.
void	handleAuthHeaders(Response resp, RoRequest req, AuthorizationInfo prev, AuthorizationInfo prxy)	We handle the "Authentication-Info" and "Proxy-Authentication-Info" headers here.
void	handleAuthTrailers(Response resp, RoRequest req, AuthorizationInfo prev, AuthorizationInfo prxy)	We handle the "Authentication-Info" and "Proxy-Authentication-Info" trailers here.
static AuthorizationPrompter	setAuthorizationPrompter(AuthorizationPrompter prompt)	Set a new username/password prompter.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

HTTP

public static final int HTTP

possible http protocols we (might) handle

See Also:

Constant Field Values

HTTPS

public static final int HTTPS

See Also:

Constant Field Values

SHTTP

public static final int SHTTP

See Also:

Constant Field Values

HTTP_NG

public static final int HTTP_NG

See Also:

Constant Field Values

HTTP_1_0

public static final int HTTP_1_0

some known http versions

See Also:

Constant Field Values

HTTP_1_1

public static final int HTTP_1_1

See Also:

Constant Field Values

CD_NONE

public static final int CD_NONE

Content delimiters

See Also:

Constant Field Values

CD_HDRS

public static final int CD_HDRS

See Also:

Constant Field Values

CD_0

public static final int CD_0

See Also:

Constant Field Values

CD_CLOSE

public static final int CD_CLOSE

See Also:

Constant Field Values

CD_CONTLEN

public static final int CD_CONTLEN

See Also:

Constant Field Values

CD_CHUNKED

public static final int CD_CHUNKED

See Also:

Constant Field Values

CD_MP_BR

public static final int CD_MP_BR

See Also:

Constant Field Values

Constructor Detail

DefaultAuthHandler

public DefaultAuthHandler()

Method Detail

fixupAuthInfo

public AuthorizationInfo fixupAuthInfo(AuthorizationInfo info,
                                       RoRequest req,
                                       AuthorizationInfo challenge,
                                       RoResponse resp)
                                throws AuthSchemeNotImplException

For Digest authentication we need to set the uri, response and opaque parameters. For "Basic" and "SOCKS5" nothing is done.

Specified by:

fixupAuthInfo in interface AuthorizationHandler

Parameters:

info - the authorization info retrieved from the list of known info.

req - the request this info is targeted for.

challenge - the authorization challenge received from the server if this is in response to a 401, or null if we are preemptively sending the info.

resp - the full 401 response received, or null if we are preemptively sending the info.

Returns:

the authorization info to be sent with the request, or null if none is to be sent.

Throws:

AuthSchemeNotImplException - if the authorization scheme in the info cannot be handled.

getAuthorization

public AuthorizationInfo getAuthorization(AuthorizationInfo challenge,
                                          RoRequest req,
                                          RoResponse resp)
                                   throws AuthSchemeNotImplException,
                                          IOException

returns the requested authorization, or null if none was given.

Specified by:

getAuthorization in interface AuthorizationHandler

Parameters:

challenge - the parsed challenge from the server.

req - the request which solicited this response

resp - the full response received

Returns:

a structure containing the necessary authorization info, or null

Throws:

AuthSchemeNotImplException - if the authentication scheme in the challenge cannot be handled.

IOException - if an exception occurs while processing the challenge

handleAuthHeaders

public void handleAuthHeaders(Response resp,
                              RoRequest req,
                              AuthorizationInfo prev,
                              AuthorizationInfo prxy)
                       throws IOException

We handle the "Authentication-Info" and "Proxy-Authentication-Info" headers here.

Specified by:

handleAuthHeaders in interface AuthorizationHandler

Parameters:

resp - the full Response

req - the Request which provoked this response

prev - the previous auth info sent, or null if none was sent

prxy - the previous proxy auth info sent, or null if none was sent

Throws:

IOException - if an exception occurs during the reading of the headers.

handleAuthTrailers

public void handleAuthTrailers(Response resp,
                               RoRequest req,
                               AuthorizationInfo prev,
                               AuthorizationInfo prxy)
                        throws IOException

We handle the "Authentication-Info" and "Proxy-Authentication-Info" trailers here.

Specified by:

handleAuthTrailers in interface AuthorizationHandler

Parameters:

resp - the full Response

req - the Request which provoked this response

prev - the previous auth info sent, or null if none was sent

prxy - the previous proxy auth info sent, or null if none was sent

Throws:

IOException - if an exception occurs during the reading of the trailers.

See Also:

AuthorizationHandler.handleAuthHeaders(HTTPClient.Response, HTTPClient.RoRequest, HTTPClient.AuthorizationInfo, HTTPClient.AuthorizationInfo)

setAuthorizationPrompter

public static AuthorizationPrompter setAuthorizationPrompter(AuthorizationPrompter prompt)

Set a new username/password prompter.

Parameters:

prompt - the AuthorizationPrompter to use whenever a username and password are needed; if null, no querying will be done

Returns:

the previous prompter