org.apache.commons.httpclient.auth
Class DigestScheme

java.lang.Object
  extended by org.apache.commons.httpclient.auth.RFC2617Scheme
      extended by org.apache.commons.httpclient.auth.DigestScheme
All Implemented Interfaces:
AuthScheme

public class DigestScheme
extends RFC2617Scheme

Digest authentication scheme as defined in RFC 2617. Both MD5 (default) and MD5-sess are supported. Currently only qop=auth or no qop is supported. qop=auth-int is unsupported. If auth and auth-int are provided, auth is used.

Credential charset is configured via the credential charset parameter. Since the digest username is included as clear text in the generated Authentication header, the charset of the username must be compatible with the http element charset.

TODO: make class more stateful regarding repeated authentication requests

Author:
Remy Maucherat, Rodney Waldhoff, Jeff Dever, Ortwin Gl?ck, Sean C. Sullivan, Adrian Sutton, Mike Bowler, Oleg Kalnichevski

Constructor Summary
DigestScheme()
          Default constructor for the digest authetication scheme.
 
Method Summary
 String authenticate(Credentials credentials, HttpMethod method)
          Produces a digest authorization string for the given set of Credentials, method name and URI.
static String createCnonce()
          Creates a random cnonce value based on the current time.
 String getSchemeName()
          Returns textual designation of the digest authentication scheme.
 boolean isComplete()
          Tests if the Digest authentication process has been completed.
 boolean isConnectionBased()
          Returns false.
 void processChallenge(String challenge)
          Processes the Digest challenge.
 
Methods inherited from class org.apache.commons.httpclient.auth.RFC2617Scheme
getParameter, getParameters, getRealm
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DigestScheme

public DigestScheme()
Default constructor for the digest authetication scheme.

Since:
3.0
Method Detail

processChallenge

public void processChallenge(String challenge)
                      throws MalformedChallengeException
Processes the Digest challenge.

Specified by:
processChallenge in interface AuthScheme
Overrides:
processChallenge in class RFC2617Scheme
Parameters:
challenge - the challenge string
Throws:
MalformedChallengeException - is thrown if the authentication challenge is malformed
Since:
3.0

isComplete

public boolean isComplete()
Tests if the Digest authentication process has been completed.

Returns:
true if Digest authorization has been processed, false otherwise.
Since:
3.0

getSchemeName

public String getSchemeName()
Returns textual designation of the digest authentication scheme.

Returns:
digest

isConnectionBased

public boolean isConnectionBased()
Returns false. Digest authentication scheme is request based.

Returns:
false.
Since:
3.0

authenticate

public String authenticate(Credentials credentials,
                           HttpMethod method)
                    throws AuthenticationException
Produces a digest authorization string for the given set of Credentials, method name and URI.

Parameters:
credentials - A set of credentials to be used for athentication
method - The method being authenticated
Returns:
a digest authorization string
Throws:
InvalidCredentialsException - if authentication credentials are not valid or not applicable for this authentication scheme
AuthenticationException - if authorization string cannot be generated due to an authentication failure
Since:
3.0

createCnonce

public static String createCnonce()
Creates a random cnonce value based on the current time.

Returns:
The cnonce value as String.
Throws:
HttpClientError - if MD5 algorithm is not supported.


Copyright (c) 1999-2005 - Apache Software Foundation