Module io.inverno.mod.security.http
Package io.inverno.mod.security.http.digest

Class DigestAuthenticationErrorInterceptor<A extends ExchangeContext,B extends ErrorExchange<A>>

java.lang.Object
io.inverno.mod.security.http.AuthenticationErrorInterceptor<A,B>
io.inverno.mod.security.http.HttpAuthenticationErrorInterceptor<A,B>
io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor<A,B>
Type Parameters:
A - the context type
B - the error exchange type
All Implemented Interfaces:
ExchangeInterceptor<A,B>
public class DigestAuthenticationErrorInterceptor<A extends ExchangeContext,B extends ErrorExchange<A>> extends HttpAuthenticationErrorInterceptor<A,B>

An HTTP authentication error interceptor that implements RFC 7616 HTTP Digest Access Authentication.

As per RFC 7616, a digest challenge with realm, domain, nonce, opaque, stale, algorithm, qop, charset (optional) and userhash (optional) parameters is sent to the requester to initiate digest HTTP authentication.

Since:
1.5
Author:
Jeremy Kuhn

  • Field Details

    • ALGORITHM_MD5

      public static final String ALGORITHM_MD5
      MD5 algorithm (default).

      Only MD5 is supported in "modern" web browsers.

      See Also:

    • ALGORITHM_SHA_256

      public static final String ALGORITHM_SHA_256
      SHA-256 algorithm.

      Firefox 93 is the first browser supporting SHA-256.

      See Also:

    • ALGORITHM_SHA_512_256

      public static final String ALGORITHM_SHA_512_256
      SHA-512-256 algorithm.
      See Also:

    • DEFAULT_NONCE_VALIDITY_SECONDS

      public static final long DEFAULT_NONCE_VALIDITY_SECONDS
      The default nonce validity period in seconds.
      See Also:

  • Constructor Details

    • DigestAuthenticationErrorInterceptor

      public DigestAuthenticationErrorInterceptor(String realm, String secret)

      Creates a digest authentication error interceptor with the specified realm and secret.

      Parameters:
      realm - a realm
      secret - a secret

    • DigestAuthenticationErrorInterceptor

      public DigestAuthenticationErrorInterceptor(String realm, String secret, String algorithm) throws IllegalArgumentException

      Creates a digest authentication error interceptor with the specified realm, secret and algorithm.

      Parameters:
      realm - a realm
      secret - a secret
      algorithm - an algorithm
      Throws:
      IllegalArgumentException - if specified parameters are incorrect

  • Method Details

    • getRealm

      public String getRealm()

      Returns the realm.

      Returns:
      the realm

    • getAlgorithm

      public String getAlgorithm()

      Returns the algorithm.

      Returns:
      the algorithm

    • setNonceValiditySeconds

      public void setNonceValiditySeconds(long nonceValiditySeconds)

      Sets the nonce validity period.

      Parameters:
      nonceValiditySeconds - the nonce validity period in seconds

    • getNonceValiditySeconds

      public long getNonceValiditySeconds()

      Returns the nonce validity period in seconds.

      Returns:
      the nonce validity period in seconds

    • createChallenge

      protected String createChallenge(SecurityException cause)
      Description copied from class: HttpAuthenticationErrorInterceptor

      Creates the challenge to send to the requester.

      Specified by:
      createChallenge in class HttpAuthenticationErrorInterceptor<A extends ExchangeContext,B extends ErrorExchange<A>>
      Parameters:
      cause - the cause of the error (can be null)
      Returns:
      a challenge