Package com.gmt2001.httpwsserver.auth
Class HttpBasicAuthenticationHandler
java.lang.Object
com.gmt2001.httpwsserver.auth.HttpBasicAuthenticationHandler
- All Implemented Interfaces:
HttpAuthenticationHandler
Provides a
HttpAuthenticationHandler that implements HTTP Basic authentication, as well as allowing the same format to be provided in a
cookie- Author:
- gmt2001
-
Constructor Summary
ConstructorsConstructorDescriptionHttpBasicAuthenticationHandler(String realm, String user, String pass, String loginUri) ConstructorHttpBasicAuthenticationHandler(String realm, String user, String pass, String loginUri, boolean allowPaneluser) Constructor -
Method Summary
Modifier and TypeMethodDescriptionbooleanChecks if the givenFullHttpRequesthas the correct header with valid credentialsbooleanstatic StringgetAuthorizationString(HttpHeaders headers) inthashCode()voidInvalidates the authentication of the specifiedChannelHandlerContext, if supported by the authentication handlerbooleanisAuthorized(ChannelHandlerContext ctx, FullHttpRequest req) Checks if the givenFullHttpRequestis a valid authentication request, or if the underlyingChannelhas already been authenticated When returningfalse, this method MUST NOT send a response to the clientbooleanisAuthorized(ChannelHandlerContext ctx, HttpHeaders headers) Checks if the givenHttpHeaderscontain a valid authorization, or if the underlyingChannelhas already been authenticated When returningfalse, this method MUST NOT send a response to the clientbooleanisAuthorized(String user, String pass) Checks if the given username and password is a valid When returningfalse, this method MUST NOT send a response to the client
-
Constructor Details
-
HttpBasicAuthenticationHandler
Constructor- Parameters:
realm- The realm to present to the useruser- The username required for valid authenticationpass- The password required for valid authenticationloginUri- The login page URI- Throws:
IllegalArgumentException- Ifrealmcontains any double quotes orusercontains any colons
-
HttpBasicAuthenticationHandler
public HttpBasicAuthenticationHandler(String realm, String user, String pass, String loginUri, boolean allowPaneluser) Constructor- Parameters:
realm- The realm to present to the useruser- The username required for valid authenticationpass- The password required for valid authenticationloginUri- The login page URIallowPanelUser- Whether this instance is allow to authenticate headers againstPanelUser- Throws:
IllegalArgumentException- Ifrealmcontains any double quotes orusercontains any colons
-
-
Method Details
-
checkAuthorization
Checks if the givenFullHttpRequesthas the correct header with valid credentials- Specified by:
checkAuthorizationin interfaceHttpAuthenticationHandler- Parameters:
ctx- TheChannelHandlerContextof the sessionreq- TheFullHttpRequestto check- Returns:
- , this method will also reply with
401 Unauthorizedand then close the channel
-
invalidateAuthorization
Description copied from interface:HttpAuthenticationHandlerInvalidates the authentication of the specifiedChannelHandlerContext, if supported by the authentication handler- Specified by:
invalidateAuthorizationin interfaceHttpAuthenticationHandler- Parameters:
ctx- TheChannelHandlerContextof the sessionreq- TheFullHttpRequest
-
isAuthorized
Description copied from interface:HttpAuthenticationHandlerChecks if the givenFullHttpRequestis a valid authentication request, or if the underlyingChannelhas already been authenticated When returningfalse, this method MUST NOT send a response to the client- Specified by:
isAuthorizedin interfaceHttpAuthenticationHandler- Parameters:
ctx- TheChannelHandlerContextof the sessionreq- TheFullHttpRequestto check- Returns:
- otherwise
-
isAuthorized
Description copied from interface:HttpAuthenticationHandlerChecks if the given username and password is a valid When returningfalse, this method MUST NOT send a response to the client- Specified by:
isAuthorizedin interfaceHttpAuthenticationHandler- Parameters:
user- The usernamepass- The password- Returns:
- otherwise
-
isAuthorized
Description copied from interface:HttpAuthenticationHandlerChecks if the givenHttpHeaderscontain a valid authorization, or if the underlyingChannelhas already been authenticated When returningfalse, this method MUST NOT send a response to the client- Specified by:
isAuthorizedin interfaceHttpAuthenticationHandler- Parameters:
ctx- TheChannelHandlerContextof the sessionheaders- TheHttpHeadersto check- Returns:
- otherwise
-
getAuthorizationString
- Parameters:
headers- TheHttpHeadersto check- Returns:
- The authorization string, still encoded with Base64, giving preference to
Authorization Basic;nullif neither is found
-
hashCode
public int hashCode() -
equals
-