Class BasicAuthenticator
java.lang.Object
org.apache.catalina.util.LifecycleBase
org.apache.catalina.util.LifecycleMBeanBase
org.apache.catalina.valves.ValveBase
org.apache.catalina.authenticator.AuthenticatorBase
org.apache.catalina.authenticator.BasicAuthenticator
- All Implemented Interfaces:
- RegistrationListener,- MBeanRegistration,- Authenticator,- Contained,- JmxEnabled,- Lifecycle,- Valve
An Authenticator and Valve implementation of HTTP BASIC Authentication, as outlined in RFC 7617: "The
 'Basic' HTTP Authentication Scheme"
- Author:
- Craig R. McClanahan
- 
Nested Class SummaryNested ClassesModifier and TypeClassDescriptionstatic classParser for an HTTP Authorization header for BASIC authentication as per RFC 2617 section 2, and the Base64 encoded credentials as per RFC 2045 section 6.8.Nested classes/interfaces inherited from class org.apache.catalina.authenticator.AuthenticatorBaseAuthenticatorBase.AllowCorsPreflightNested classes/interfaces inherited from interface org.apache.catalina.LifecycleLifecycle.SingleUse
- 
Field SummaryFields inherited from class org.apache.catalina.authenticator.AuthenticatorBasealwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, jaspicCallbackHandlerClass, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sendAuthInfoResponseHeaders, sessionIdGenerator, sm, ssoFields inherited from class org.apache.catalina.valves.ValveBaseasyncSupported, container, containerLog, nextFields inherited from interface org.apache.catalina.LifecycleAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionprotected booleandoAuthenticate(Request request, HttpServletResponse response) Provided for sub-classes to implement their specific authentication mechanism.protected StringReturn the authentication method, which is vendor-specific and not defined by HttpServletRequest.booleanprotected booleanisPreemptiveAuthPossible(Request request) Can the authenticator perform preemptive authentication for the given request?voidsetCharset(String charsetString) voidsetTrimCredentials(boolean trimCredentials) Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBaseallowCorsPreflightBypass, associate, authenticate, changeSessionID, checkForCachedAuthentication, doLogin, getAllowCorsPreflight, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getJaspicCallbackHandlerClass, getRealmName, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, isContinuationRequired, isSendAuthInfoResponseHeaders, login, logout, notify, reauthenticateFromSSO, register, register, setAllowCorsPreflight, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setJaspicCallbackHandlerClass, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, setSendAuthInfoResponseHeaders, startInternal, stopInternalMethods inherited from class org.apache.catalina.valves.ValveBasebackgroundProcess, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toStringMethods inherited from class org.apache.catalina.util.LifecycleMBeanBasedestroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregisterMethods inherited from class org.apache.catalina.util.LifecycleBaseaddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
- 
Constructor Details- 
BasicAuthenticatorpublic BasicAuthenticator()
 
- 
- 
Method Details- 
getCharset
- 
setCharset
- 
getTrimCredentialspublic boolean getTrimCredentials()
- 
setTrimCredentialspublic void setTrimCredentials(boolean trimCredentials) 
- 
doAuthenticateDescription copied from class:AuthenticatorBaseProvided for sub-classes to implement their specific authentication mechanism.- Specified by:
- doAuthenticatein class- AuthenticatorBase
- Parameters:
- request- The request that triggered the authentication
- response- The response associated with the request
- Returns:
- trueif the the user was authenticated, otherwise- false, in which case an authentication challenge will have been written to the response
- Throws:
- IOException- If an I/O problem occurred during the authentication process
 
- 
getAuthMethodDescription copied from class:AuthenticatorBaseReturn the authentication method, which is vendor-specific and not defined by HttpServletRequest.- Specified by:
- getAuthMethodin class- AuthenticatorBase
- Returns:
- the authentication method, which is vendor-specific and not defined by HttpServletRequest.
 
- 
isPreemptiveAuthPossibleDescription copied from class:AuthenticatorBaseCan the authenticator perform preemptive authentication for the given request?- Overrides:
- isPreemptiveAuthPossiblein class- AuthenticatorBase
- Parameters:
- request- The request to check for credentials
- Returns:
- trueif preemptive authentication is possible, otherwise- false
 
 
-