Interface AuthorizationHandler
-
- All Known Implementing Classes:
DefaultAuthHandler
public interface AuthorizationHandlerThis is the interface that an Authorization handler must implement. You can implement your own auth handler to add support for auth schemes other than the ones handled by the default handler, to use a different UI for soliciting usernames and passwords, or for using an altogether different way of getting the necessary auth info.- Version:
- 0.3-3 06/05/2001
- Author:
- Ronald Tschal�r
- See Also:
AuthorizationInfo.setAuthHandler(HTTPClient.AuthorizationHandler)
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description AuthorizationInfofixupAuthInfo(AuthorizationInfo info, RoRequest req, AuthorizationInfo challenge, RoResponse resp)This method is called whenever auth info is chosen from the list of known info in the AuthorizationInfo class to be sent with a request.AuthorizationInfogetAuthorization(AuthorizationInfo challenge, RoRequest req, RoResponse resp)This method is called whenever a 401 or 407 response is received and no candidate info is found in the list of known auth info.voidhandleAuthHeaders(Response resp, RoRequest req, AuthorizationInfo prev, AuthorizationInfo prxy)Sometimes even non-401 responses will contain headers pertaining to authorization (such as the "Authentication-Info" header).voidhandleAuthTrailers(Response resp, RoRequest req, AuthorizationInfo prev, AuthorizationInfo prxy)This method is similar tohandleAuthHeadersexcept that it is called if any headers in the trailer were sent.
-
-
-
Method Detail
-
getAuthorization
AuthorizationInfo getAuthorization(AuthorizationInfo challenge, RoRequest req, RoResponse resp) throws AuthSchemeNotImplException, IOException
This method is called whenever a 401 or 407 response is received and no candidate info is found in the list of known auth info. Usually this method will query the user for the necessary info.If the returned info is not null it will be added to the list of known info. If the info is valid for more than one (host, port, realm, scheme) tuple then this method must add the corresponding auth infos itself.
This method must check req.allow_ui and only attempt user interaction if it's true.
- Parameters:
challenge- the parsed challenge from the server; the host, port, scheme, realm and params are set to the values given by the server in the challenge.req- the request which provoked this response.resp- the full response.- Returns:
- the authorization info to use when retrying the request, or null if the request is not to be retried. The necessary info includes the host, port, scheme and realm as given in the challenge parameter, plus either the basic cookie or any necessary params.
- Throws:
AuthSchemeNotImplException- if the authorization scheme in the challenge cannot be handled.IOException- if an exception occurs while processing the challenge
-
fixupAuthInfo
AuthorizationInfo fixupAuthInfo(AuthorizationInfo info, RoRequest req, AuthorizationInfo challenge, RoResponse resp) throws AuthSchemeNotImplException, IOException
This method is called whenever auth info is chosen from the list of known info in the AuthorizationInfo class to be sent with a request. This happens when either auth info is being preemptively sent or if a 401 response is retrieved and a matching info is found in the list of known info. The intent of this method is to allow the handler to fix up the info being sent based on the actual request (e.g. in digest authentication the digest-uri, nonce and response-digest usually need to be recalculated).- Parameters:
info- the authorization info retrieved from the list of known info.req- the request this info is targeted for.challenge- the authorization challenge received from the server if this is in response to a 401, or null if we are preemptively sending the info.resp- the full 401 response received, or null if we are preemptively sending the info.- Returns:
- the authorization info to be sent with the request, or null if none is to be sent.
- Throws:
AuthSchemeNotImplException- if the authorization scheme in the info cannot be handled.IOException- if an exception occurs while fixing up the info
-
handleAuthHeaders
void handleAuthHeaders(Response resp, RoRequest req, AuthorizationInfo prev, AuthorizationInfo prxy) throws IOException
Sometimes even non-401 responses will contain headers pertaining to authorization (such as the "Authentication-Info" header). Therefore this method is invoked for each response received, even if it is not a 401 or 407 response. In case of a 401 or 407 response the methodsfixupAuthInfo()andgetAuthorization()are invoked after this method.- Parameters:
resp- the full Responsereq- the Request which provoked this responseprev- the previous auth info sent, or null if none was sentprxy- the previous proxy auth info sent, or null if none was sent- Throws:
IOException- if an exception occurs during the reading of the headers.
-
handleAuthTrailers
void handleAuthTrailers(Response resp, RoRequest req, AuthorizationInfo prev, AuthorizationInfo prxy) throws IOException
This method is similar tohandleAuthHeadersexcept that it is called if any headers in the trailer were sent. This also implies that it is invoked after anyfixupAuthInfo()orgetAuthorization()invocation.- Parameters:
resp- the full Responsereq- the Request which provoked this responseprev- the previous auth info sent, or null if none was sentprxy- the previous proxy auth info sent, or null if none was sent- Throws:
IOException- if an exception occurs during the reading of the trailers.- See Also:
handleAuthHeaders(HTTPClient.Response, HTTPClient.RoRequest, HTTPClient.AuthorizationInfo, HTTPClient.AuthorizationInfo)
-
-