org.apache.hc.client5.http.impl.auth

Class GGSSchemeBase

java.lang.Object

org.apache.hc.client5.http.impl.auth.GGSSchemeBase

All Implemented Interfaces:

AuthScheme

Direct Known Subclasses:

KerberosScheme, SPNegoScheme

public abstract class GGSSchemeBase
extends Object
implements AuthScheme

Common behavior for GSS based authentication schemes.

Since:

4.2

Method Summary

Modifier and Type	Method and Description
protected org.ietf.jgss.GSSContext	createGSSContext(org.ietf.jgss.GSSManager manager, org.ietf.jgss.Oid oid, org.ietf.jgss.GSSName serverName, org.ietf.jgss.GSSCredential gssCredential)
String	generateAuthResponse(HttpHost host, HttpRequest request, HttpContext context) Generates an authorization response based on the current state.
protected byte[]	generateGSSToken(byte[] input, org.ietf.jgss.Oid oid, String serviceName, String authServer)
protected abstract byte[]	generateToken(byte[] input, String serviceName, String authServer)
protected org.ietf.jgss.GSSManager	getManager()
Principal	getPrincipal() Returns Principal whose credentials are used to generate an authentication response.
String	getRealm() Returns authentication realm.
boolean	isChallengeComplete() Authentication process may involve a series of challenge-response exchanges.
boolean	isResponseReady(HttpHost host, CredentialsProvider credentialsProvider, HttpContext context) Determines whether or not an authorization response can be generated based on the actual authentication state.
void	processChallenge(AuthChallenge authChallenge, HttpContext context) Processes the given auth challenge.
String	toString() Returns a string representation of the object.

Methods inherited from class java.lang.Object

clone, equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.apache.hc.client5.http.auth.AuthScheme

getName, isConnectionBased

Method Detail

createGSSContext

protected org.ietf.jgss.GSSContext createGSSContext(org.ietf.jgss.GSSManager manager,
                                                    org.ietf.jgss.Oid oid,
                                                    org.ietf.jgss.GSSName serverName,
                                                    org.ietf.jgss.GSSCredential gssCredential)
                                             throws org.ietf.jgss.GSSException

Throws:

org.ietf.jgss.GSSException

Since:

5.0

generateAuthResponse

public String generateAuthResponse(HttpHost host,
                                   HttpRequest request,
                                   HttpContext context)
                            throws AuthenticationException

Description copied from interface: AuthScheme

Generates an authorization response based on the current state. Some authentication schemes may need to load user credentials required to generate an authorization response from a CredentialsProvider prior to this method call.

Specified by:

generateAuthResponse in interface AuthScheme

request - The request being authenticated

context - HTTP context

Returns:

authorization header

Throws:

AuthenticationException - if authorization string cannot be generated due to an authentication failure

See Also:

AuthScheme.isResponseReady(HttpHost, CredentialsProvider, HttpContext)

generateGSSToken

protected byte[] generateGSSToken(byte[] input,
                                  org.ietf.jgss.Oid oid,
                                  String serviceName,
                                  String authServer)
                           throws org.ietf.jgss.GSSException

Throws:

org.ietf.jgss.GSSException

Since:

4.4

generateToken

protected abstract byte[] generateToken(byte[] input,
                                        String serviceName,
                                        String authServer)
                                 throws org.ietf.jgss.GSSException

Throws:

org.ietf.jgss.GSSException

Since:

4.4

getManager

protected org.ietf.jgss.GSSManager getManager()

getPrincipal

public Principal getPrincipal()

Description copied from interface: AuthScheme

Returns Principal whose credentials are used to generate an authentication response. Connection based schemes are required to return a user Principal if authorization applies to for the entire life span of connection.

Specified by:

getPrincipal in interface AuthScheme

Returns:

user principal

See Also:

AuthScheme.isConnectionBased()

getRealm

public String getRealm()

Description copied from interface: AuthScheme

Returns authentication realm. If the concept of an authentication realm is not applicable to the given authentication scheme, returns null.

Specified by:

getRealm in interface AuthScheme

Returns:

the authentication realm

isChallengeComplete

public boolean isChallengeComplete()

Description copied from interface: AuthScheme

Authentication process may involve a series of challenge-response exchanges. This method tests if the authorization process has been fully completed (either successfully or unsuccessfully), that is, all the required authorization challenges have been processed in their entirety.

Specified by:

isChallengeComplete in interface AuthScheme

Returns:

true if the authentication process has been completed, false otherwise.

isResponseReady

public boolean isResponseReady(HttpHost host,
                               CredentialsProvider credentialsProvider,
                               HttpContext context)
                        throws AuthenticationException

Description copied from interface: AuthScheme

Determines whether or not an authorization response can be generated based on the actual authentication state. Generally the outcome of this method will depend upon availability of user credentials necessary to produce an authorization response.

Specified by:

isResponseReady in interface AuthScheme

credentialsProvider - The credentials to be used for authentication

context - HTTP context

Returns:

true if an authorization response can be generated and the authentication handshake can proceed, false otherwise.

Throws:

AuthenticationException - if authorization string cannot be generated due to an authentication failure

processChallenge

public void processChallenge(AuthChallenge authChallenge,
                             HttpContext context)
                      throws MalformedChallengeException

Description copied from interface: AuthScheme

Processes the given auth challenge. Some authentication schemes may involve multiple challenge-response exchanges. Such schemes must be able to maintain internal state when dealing with sequential challenges

Specified by:

processChallenge in interface AuthScheme

Parameters:

authChallenge - the auth challenge

context - HTTP context

Throws:

MalformedChallengeException - in case the auth challenge is incomplete, malformed or otherwise invalid.

toString

public String toString()

Description copied from class: Object

Returns a string representation of the object. In general, the toString method returns a string that "textually represents" this object. The result should be a concise but informative representation that is easy for a person to read. It is recommended that all subclasses override this method.

The toString method for class Object returns a string consisting of the name of the class of which the object is an instance, the at-sign character `@', and the unsigned hexadecimal representation of the hash code of the object. In other words, this method returns a string equal to the value of:

 getClass().getName() + '@' + Integer.toHexString(hashCode())
 

Overrides:

toString in class Object

Returns:

a string representation of the object.