Class DigestScheme

All Implemented Interfaces:
Serializable, AuthScheme, ContextAwareAuthScheme

public class DigestScheme extends RFC2617Scheme
Digest authentication scheme as defined in RFC 2617. Both MD5 (default) and MD5-sess are supported. Currently only qop=auth or no qop is supported. qop=auth-int is unsupported. If auth and auth-int are provided, auth is used.

Since the digest username is included as clear text in the generated Authentication header, the charset of the username must be compatible with the HTTP element charset used by the connection.

Since:
4.0
See Also:
  • Constructor Details

    • DigestScheme

      public DigestScheme(Charset credentialsCharset)
      Since:
      4.3
    • DigestScheme

      @Deprecated public DigestScheme(ChallengeState challengeState)
      Deprecated.
      (4.3) do not use.
      Creates an instance of DigestScheme with the given challenge state.
      Since:
      4.2
    • DigestScheme

      public DigestScheme()
  • Method Details

    • processChallenge

      public void processChallenge(org.apache.http.Header header) throws MalformedChallengeException
      Processes the Digest challenge.
      Specified by:
      processChallenge in interface AuthScheme
      Overrides:
      processChallenge in class AuthSchemeBase
      Parameters:
      header - the challenge header
      Throws:
      MalformedChallengeException - is thrown if the authentication challenge is malformed
    • isComplete

      public boolean isComplete()
      Tests if the Digest authentication process has been completed.
      Returns:
      true if Digest authorization has been processed, false otherwise.
    • getSchemeName

      public String getSchemeName()
      Returns textual designation of the digest authentication scheme.
      Returns:
      digest
    • isConnectionBased

      public boolean isConnectionBased()
      Returns false. Digest authentication scheme is request based.
      Returns:
      false.
    • overrideParamter

      public void overrideParamter(String name, String value)
    • authenticate

      @Deprecated public org.apache.http.Header authenticate(Credentials credentials, org.apache.http.HttpRequest request) throws AuthenticationException
      Description copied from interface: AuthScheme
      Produces an authorization string for the given set of Credentials.
      Parameters:
      credentials - The set of credentials to be used for athentication
      request - The request being authenticated
      Returns:
      the authorization string
      Throws:
      AuthenticationException - if authorization string cannot be generated due to an authentication failure
    • authenticate

      public org.apache.http.Header authenticate(Credentials credentials, org.apache.http.HttpRequest request, org.apache.http.protocol.HttpContext context) throws AuthenticationException
      Produces a digest authorization string for the given set of Credentials, method name and URI.
      Specified by:
      authenticate in interface ContextAwareAuthScheme
      Overrides:
      authenticate in class AuthSchemeBase
      Parameters:
      credentials - A set of credentials to be used for athentication
      request - The request being authenticated
      context - HTTP context
      Returns:
      a digest authorization string
      Throws:
      InvalidCredentialsException - if authentication credentials are not valid or not applicable for this authentication scheme
      AuthenticationException - if authorization string cannot be generated due to an authentication failure
    • createCnonce

      public static String createCnonce()
      Creates a random cnonce value based on the current time.
      Returns:
      The cnonce value as String.
    • toString

      public String toString()
      Overrides:
      toString in class AuthSchemeBase