org.apache.http.impl.auth

Class DigestScheme

java.lang.Object

org.apache.http.impl.auth.AuthSchemeBase

org.apache.http.impl.auth.RFC2617Scheme

org.apache.http.impl.auth.DigestScheme

All Implemented Interfaces:

AuthScheme, ContextAwareAuthScheme

@NotThreadSafe
public class DigestScheme
extends RFC2617Scheme

Digest authentication scheme as defined in RFC 2617. Both MD5 (default) and MD5-sess are supported. Currently only qop=auth or no qop is supported. qop=auth-int is unsupported. If auth and auth-int are provided, auth is used.

Credential charset is configured via the AuthPNames.CREDENTIAL_CHARSET parameter of the HTTP request.

Since the digest username is included as clear text in the generated Authentication header, the charset of the username must be compatible with the http element charset.

The following parameters can be used to customize the behavior of this class:

• AuthPNames.CREDENTIAL_CHARSET

Since:

4.0

Constructor Summary

Constructors

Constructor and Description
DigestScheme()
DigestScheme(ChallengeState challengeState) Creates an instance of DigestScheme with the given challenge state.

Method Summary

Methods

Modifier and Type	Method and Description
Header	authenticate(Credentials credentials, HttpRequest request) Deprecated. (4.2) Use ContextAwareAuthScheme.authenticate(Credentials, HttpRequest, org.apache.http.protocol.HttpContext)
Header	authenticate(Credentials credentials, HttpRequest request, HttpContext context) Produces a digest authorization string for the given set of Credentials, method name and URI.
static String	createCnonce() Creates a random cnonce value based on the current time.
String	getSchemeName() Returns textual designation of the digest authentication scheme.
boolean	isComplete() Tests if the Digest authentication process has been completed.
boolean	isConnectionBased() Returns false.
void	overrideParamter(String name, String value)
void	processChallenge(Header header) Processes the Digest challenge.
String	toString()

Methods inherited from class org.apache.http.impl.auth.RFC2617Scheme

getParameter, getParameters, getRealm, parseChallenge

Methods inherited from class org.apache.http.impl.auth.AuthSchemeBase

getChallengeState, isProxy

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

DigestScheme

public DigestScheme(ChallengeState challengeState)

Creates an instance of DigestScheme with the given challenge state.

Since:

4.2

DigestScheme

public DigestScheme()

Method Detail

processChallenge

public void processChallenge(Header header)
                      throws MalformedChallengeException

Processes the Digest challenge.

Specified by:

processChallenge in interface AuthScheme

Overrides:

processChallenge in class AuthSchemeBase

Parameters:

header - the challenge header

Throws:

MalformedChallengeException - is thrown if the authentication challenge is malformed

isComplete

public boolean isComplete()

Tests if the Digest authentication process has been completed.

Returns:

true if Digest authorization has been processed, false otherwise.

getSchemeName

public String getSchemeName()

Returns textual designation of the digest authentication scheme.

Returns:

digest

isConnectionBased

public boolean isConnectionBased()

Returns false. Digest authentication scheme is request based.

Returns:

false.

overrideParamter

public void overrideParamter(String name,
                    String value)

authenticate

@Deprecated
public Header authenticate(Credentials credentials,
                             HttpRequest request)
                    throws AuthenticationException

Deprecated. (4.2) Use ContextAwareAuthScheme.authenticate(Credentials, HttpRequest, org.apache.http.protocol.HttpContext)

Description copied from interface: AuthScheme

Produces an authorization string for the given set of Credentials.

Parameters:

credentials - The set of credentials to be used for athentication

request - The request being authenticated

Returns:

the authorization string

Throws:

AuthenticationException - if authorization string cannot be generated due to an authentication failure

authenticate

public Header authenticate(Credentials credentials,
                  HttpRequest request,
                  HttpContext context)
                    throws AuthenticationException

Produces a digest authorization string for the given set of Credentials, method name and URI.

Specified by:

authenticate in interface ContextAwareAuthScheme

Overrides:

authenticate in class AuthSchemeBase

Parameters:

credentials - A set of credentials to be used for athentication

request - The request being authenticated

context - HTTP context

Returns:

a digest authorization string

Throws:

InvalidCredentialsException - if authentication credentials are not valid or not applicable for this authentication scheme

AuthenticationException - if authorization string cannot be generated due to an authentication failure

createCnonce

public static String createCnonce()

Creates a random cnonce value based on the current time.

Returns:

The cnonce value as String.

toString

public String toString()

Overrides:

toString in class AuthSchemeBase