UserInfo - a type for authenticated user info objectpublic static final class BasicAuthHttpServiceFilter.Builder<UserInfo>
extends Object
StreamingHttpServiceFilter, which filters HTTP requests using RFC7617: The 'Basic' HTTP Authentication Scheme.| Constructor and Description |
|---|
Builder(BasicAuthHttpServiceFilter.CredentialsVerifier<UserInfo> credentialsVerifier,
String realm)
Creates a new builder for an
StreamingHttpServiceFilter, which filters HTTP requests using RFC7617: The 'Basic' HTTP Authentication Scheme. |
| Modifier and Type | Method and Description |
|---|---|
StreamingHttpServiceFilterFactory |
buildProxy()
Creates a new instance for proxy service.
|
StreamingHttpServiceFilterFactory |
buildServer()
Creates a new instance for non-proxy service.
|
BasicAuthHttpServiceFilter.Builder<UserInfo> |
setCharsetUtf8(boolean utf8)
Sets an advice for a user agent to use
UTF-8 charset when it generates
user-id:password pair. |
BasicAuthHttpServiceFilter.Builder<UserInfo> |
userInfoAsyncContextKey(ContextMap.Key<UserInfo> userInfoAsyncContextKey)
Sets a
key to store a user info object of authenticated user in AsyncContext. |
BasicAuthHttpServiceFilter.Builder<UserInfo> |
userInfoRequestContextKey(ContextMap.Key<UserInfo> userInfoRequestContextKey)
Sets a
key to store a user info object of authenticated user in
request context. |
public Builder(BasicAuthHttpServiceFilter.CredentialsVerifier<UserInfo> credentialsVerifier, String realm)
StreamingHttpServiceFilter, which filters HTTP requests using RFC7617: The 'Basic' HTTP Authentication Scheme.
It accepts credentials as user-id:password pairs, encoded using Base64 for Authorization or Proxy-Authorization header values. Use of the format user:password in the userinfo field is deprecated by RFC3986.
User info object of authenticated user can be stored in AsyncContext if
ContextMap.Key is configured via userInfoAsyncContextKey(ContextMap.Key) or
request context if ContextMap.Key is configured via
userInfoRequestContextKey(ContextMap.Key). The same key can be reused
for both context storages.
Note: This scheme is not considered to be a secure method of user authentication unless used in
conjunction with some external secure system such as TLS (Transport Layer Security, [RFC5246]), as the user-id and password are
passed over the network as cleartext.
credentialsVerifier - a BasicAuthHttpServiceFilter.CredentialsVerifier for user-id and passwords pairrealm - a protection space (realm)public BasicAuthHttpServiceFilter.Builder<UserInfo> userInfoAsyncContextKey(ContextMap.Key<UserInfo> userInfoAsyncContextKey)
key to store a user info object of authenticated user in AsyncContext.userInfoAsyncContextKey - a key to store a user info object in AsyncContextthispublic BasicAuthHttpServiceFilter.Builder<UserInfo> userInfoRequestContextKey(ContextMap.Key<UserInfo> userInfoRequestContextKey)
key to store a user info object of authenticated user in
request context.userInfoRequestContextKey - a key to store a user info object in
request contextthispublic BasicAuthHttpServiceFilter.Builder<UserInfo> setCharsetUtf8(boolean utf8)
UTF-8 charset when it generates
user-id:password pair.
It will result in adding an optional charset="UTF-8" parameter for an authenticate header.
utf8 - if true, an optional charset="UTF-8" parameter will be added for an authenticate
headerthispublic StreamingHttpServiceFilterFactory buildServer()
It will use the following constants to handle authentication:
Response status code, authenticate and authorization headers for non-proxy Basic auth Response status code 401 (Unauthorized) Authenticate header WWW-Authenticate Authorization header Authorization
BasicAuthHttpServiceFilter.Builderpublic StreamingHttpServiceFilterFactory buildProxy()
It will use the following constants to handle authentication:
Response status code, authenticate and authorization headers for proxy Basic auth Response status code 407 (Proxy Authentication Required) Authenticate header Proxy-Authenticate Authorization header Proxy-Authorization
StreamingHttpServiceFilterFactory