Class BasicAuthenticator

  • public abstract class BasicAuthenticator
    extends Authenticator
    BasicAuthenticator provides an implementation of HTTP Basic authentication. It is an abstract class and must be extended to provide an implementation of checkCredentials(String,String) which is called to verify each incoming request.
    • Field Detail

      • realm

        protected String realm
    • Constructor Detail

      • BasicAuthenticator

        public BasicAuthenticator​(String realm)
        Creates a BasicAuthenticator for the given HTTP realm
        realm - The HTTP Basic authentication realm
        NullPointerException - if the realm is an empty string
    • Method Detail

      • getRealm

        public String getRealm​()
        returns the realm this BasicAuthenticator was created with
        the authenticator's realm string.
      • authenticate

        public Authenticator.Result authenticate​(HttpExchange t)
        Description copied from class: Authenticator
        called to authenticate each incoming request. The implementation must return a Failure, Success or Retry object as appropriate :-

        Failure means the authentication has completed, but has failed due to invalid credentials.

        Sucess means that the authentication has succeeded, and a Principal object representing the user can be retrieved by calling Sucess.getPrincipal() .

        Retry means that another HTTP exchange is required. Any response headers needing to be sent back to the client are set in the given HttpExchange. The response code to be returned must be provided in the Retry object. Retry may occur multiple times.

        Specified by:
        authenticate in class Authenticator
      • checkCredentials

        public abstract boolean checkCredentials​(String username,
                                                 String password)
        called for each incoming request to verify the given name and password in the context of this Authenticator's realm. Any caching of credentials must be done by the implementation of this method
        username - the username from the request
        password - the password from the request
        true if the credentials are valid, false otherwise.