org.mortbay.jetty.security
Class DigestAuthenticator

java.lang.Object
  extended by org.mortbay.jetty.security.DigestAuthenticator
All Implemented Interfaces:
Serializable, Authenticator

public class DigestAuthenticator
extends Object
implements Authenticator

DIGEST authentication.

Author:
Greg Wilkins (gregw)
See Also:
Serialized Form

Field Summary
protected  long maxNonceAge
           
protected  long nonceSecret
           
protected  boolean useStale
           
 
Constructor Summary
DigestAuthenticator()
           
 
Method Summary
 Principal authenticate(UserRealm realm, String pathInContext, Request request, Response response)
          Authenticate.
 int checkNonce(String nonce, Request request)
           
 String getAuthMethod()
           
 long getMaxNonceAge()
           
 long getNonceSecret()
           
 boolean getUseStale()
           
 String newNonce(Request request)
           
 void sendChallenge(UserRealm realm, Request request, Response response, boolean stale)
           
 void setMaxNonceAge(long maxNonceAge)
           
 void setNonceSecret(long nonceSecret)
           
 void setUseStale(boolean us)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

maxNonceAge

protected long maxNonceAge

nonceSecret

protected long nonceSecret

useStale

protected boolean useStale
Constructor Detail

DigestAuthenticator

public DigestAuthenticator()
Method Detail

authenticate

public Principal authenticate(UserRealm realm,
                              String pathInContext,
                              Request request,
                              Response response)
                       throws IOException
Description copied from interface: Authenticator
Authenticate.

Specified by:
authenticate in interface Authenticator
Parameters:
realm - an UserRealm value
pathInContext - a String value
request - a Request value
response - a Response value. If non-null response is passed, then a failed authentication will result in a challenge response being set in the response.
Returns:
UserPrinciple if authenticated or null if not. If Authentication fails, then the authenticator may have committed the response as an auth challenge or redirect.
Throws:
IOException

getAuthMethod

public String getAuthMethod()
Specified by:
getAuthMethod in interface Authenticator

sendChallenge

public void sendChallenge(UserRealm realm,
                          Request request,
                          Response response,
                          boolean stale)
                   throws IOException
Throws:
IOException

newNonce

public String newNonce(Request request)

checkNonce

public int checkNonce(String nonce,
                      Request request)
Parameters:
nonce -
request -
Returns:
-1 for a bad nonce, 0 for a stale none, 1 for a good nonce

getMaxNonceAge

public long getMaxNonceAge()
Returns:
Returns the maxNonceAge.

setMaxNonceAge

public void setMaxNonceAge(long maxNonceAge)
Parameters:
maxNonceAge - The maxNonceAge to set.

getNonceSecret

public long getNonceSecret()
Returns:
Returns the nonceSecret.

setNonceSecret

public void setNonceSecret(long nonceSecret)
Parameters:
nonceSecret - The nonceSecret to set.

setUseStale

public void setUseStale(boolean us)

getUseStale

public boolean getUseStale()