Package org.apache.http.auth

Interface AuthScheme

All Known Subinterfaces:
ContextAwareAuthScheme
All Known Implementing Classes:
AuthSchemeBase, BasicScheme, DigestScheme, GGSSchemeBase, KerberosScheme, NegotiateScheme, NTLMScheme, RFC2617Scheme, SPNegoScheme
public interface AuthScheme
This interface represents an abstract challenge-response oriented authentication scheme.

An authentication scheme should be able to support the following functions:

  • Parse and process the challenge sent by the target server in response to request for a protected resource
  • Provide its textual designation
  • Provide its parameters, if available
  • Provide the realm this authentication scheme is applicable to, if available
  • Generate authorization string for the given set of credentials and the HTTP request in response to the authorization challenge.

Authentication schemes may be stateful involving a series of challenge-response exchanges.

IMPORTANT: implementations of this interface MUST also implement ContextAwareAuthScheme interface in order to remain API compatible with newer versions of HttpClient.

Since:
4.0

  • Method Details

    • processChallenge

      void processChallenge(org.apache.http.Header header) throws MalformedChallengeException
      Processes the given challenge token. Some authentication schemes may involve multiple challenge-response exchanges. Such schemes must be able to maintain the state information when dealing with sequential challenges
      Parameters:
      header - the challenge header
      Throws:
      MalformedChallengeException

    • getSchemeName

      String getSchemeName()
      Returns textual designation of the given authentication scheme.
      Returns:
      the name of the given authentication scheme

    • getParameter

      String getParameter(String name)
      Returns authentication parameter with the given name, if available.
      Parameters:
      name - The name of the parameter to be returned
      Returns:
      the parameter with the given name

    • getRealm

      String getRealm()
      Returns authentication realm. If the concept of an authentication realm is not applicable to the given authentication scheme, returns null.
      Returns:
      the authentication realm

    • isConnectionBased

      boolean isConnectionBased()
      Tests if the authentication scheme is provides authorization on a per connection basis instead of usual per request basis
      Returns:
      true if the scheme is connection based, false if the scheme is request based.

    • isComplete

      boolean isComplete()
      Authentication process may involve a series of challenge-response exchanges. This method tests if the authorization process has been completed, either successfully or unsuccessfully, that is, all the required authorization challenges have been processed in their entirety.
      Returns:
      true if the authentication process has been completed, false otherwise.

    • authenticate

      @Deprecated org.apache.http.Header authenticate(Credentials credentials, org.apache.http.HttpRequest request) throws AuthenticationException
      Deprecated.
      (4.1) Use ContextAwareAuthScheme.authenticate(Credentials, HttpRequest, org.apache.http.protocol.HttpContext)
      Produces an authorization string for the given set of Credentials.
      Parameters:
      credentials - The set of credentials to be used for athentication
      request - The request being authenticated
      Returns:
      the authorization string
      Throws:
      AuthenticationException - if authorization string cannot be generated due to an authentication failure