Package org.apache.catalina.authenticator

Class BasicAuthenticator

java.lang.Object

org.apache.catalina.util.LifecycleBase

org.apache.catalina.util.LifecycleMBeanBase

org.apache.catalina.valves.ValveBase

org.apache.catalina.authenticator.AuthenticatorBase

org.apache.catalina.authenticator.BasicAuthenticator

All Implemented Interfaces:

javax.management.MBeanRegistration, javax.security.auth.message.config.RegistrationListener, Authenticator, Contained, JmxEnabled, Lifecycle, Valve

public class BasicAuthenticator
extends AuthenticatorBase

An Authenticator and Valve implementation of HTTP BASIC Authentication, as outlined in RFC 2617: "HTTP Authentication: Basic and Digest Access Authentication."

Author:

Craig R. McClanahan

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	BasicAuthenticator.BasicCredentials	Parser for an HTTP Authorization header for BASIC authentication as per RFC 2617 section 2, and the Base64 encoded credentials as per RFC 2045 section 6.8.

Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle

Lifecycle.SingleUse

Field Summary

Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase

alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, jaspicCallbackHandlerClass, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sessionIdGenerator, sm, sso

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase

mserver

Fields inherited from class org.apache.catalina.valves.ValveBase

asyncSupported, container, containerLog, next

Constructor Summary

Constructors

Constructor	Description
BasicAuthenticator()

Method Summary

Modifier and Type	Method	Description
protected boolean	doAuthenticate(Request request, HttpServletResponse response)	Provided for sub-classes to implement their specific authentication mechanism.
protected java.lang.String	getAuthMethod()
java.lang.String	getCharset()
void	setCharset(java.lang.String charsetString)

Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase

associate, authenticate, checkForCachedAuthentication, doLogin, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getJaspicCallbackHandlerClass, getRealmName, getRequestCertificates, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, isContinuationRequired, login, logout, notify, reauthenticateFromSSO, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setJaspicCallbackHandlerClass, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, startInternal, stopInternal

Methods inherited from class org.apache.catalina.util.LifecycleBase

addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase

destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from class org.apache.catalina.valves.ValveBase

backgroundProcess, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toString

Constructor Detail

BasicAuthenticator

public BasicAuthenticator()

Method Detail

getCharset

public java.lang.String getCharset()

setCharset

public void setCharset(java.lang.String charsetString)

doAuthenticate

protected boolean doAuthenticate(Request request,
                                 HttpServletResponse response)
                          throws java.io.IOException

Description copied from class: AuthenticatorBase

Provided for sub-classes to implement their specific authentication mechanism.

Specified by:

doAuthenticate in class AuthenticatorBase

Parameters:

request - The request that triggered the authentication

response - The response associated with the request

Returns:

true if the the user was authenticated, otherwise false, in which case an authentication challenge will have been written to the response

Throws:

java.io.IOException - If an I/O problem occurred during the authentication process

getAuthMethod

protected java.lang.String getAuthMethod()

Specified by:

getAuthMethod in class AuthenticatorBase