Class BasicAuthenticator


public abstract class BasicAuthenticator extends Authenticator
BasicAuthenticator provides an implementation of HTTP Basic authentication. It is an abstract class and must be extended to provide an implementation of checkCredentials(String,String) which is called to verify each incoming request.
  • Field Details

    • realm

      protected final String realm
      The HTTP Basic authentication realm.
  • Constructor Details

    • BasicAuthenticator

      public BasicAuthenticator(String realm)
      Creates a BasicAuthenticator for the given HTTP realm. The Basic authentication credentials (username and password) are decoded using the platform's default character set.
      realm - the HTTP Basic authentication realm
      NullPointerException - if realm is null
      IllegalArgumentException - if realm is an empty string
    • BasicAuthenticator

      public BasicAuthenticator(String realm, Charset charset)
      Creates a BasicAuthenticator for the given HTTP realm and using the given Charset to decode the Basic authentication credentials (username and password).
      API Note:
      UTF-8 is the recommended charset because its usage is communicated to the client, and therefore more likely to be used also by the client.
      realm - the HTTP Basic authentication realm
      charset - the Charset to decode incoming credentials from the client
      NullPointerException - if realm or charset are null
      IllegalArgumentException - if realm is an empty string
  • Method Details

    • getRealm

      public String getRealm()
      Returns the realm this BasicAuthenticator was created with.
      the authenticator's realm string
    • authenticate

      public Authenticator.Result authenticate(HttpExchange t)
      Description copied from class: Authenticator
      Called to authenticate each incoming request. The implementation must return a Authenticator.Failure, Authenticator.Success or Authenticator.Retry object as appropriate:
      • Failure means the authentication has completed, but has failed due to invalid credentials.
      • Success means that the authentication has succeeded, and a Principal object representing the user can be retrieved by calling Authenticator.Success.getPrincipal().
      • Retry means that another HTTP exchange is required. Any response headers needing to be sent back to the client are set in the given HttpExchange. The response code to be returned must be provided in the Retry object. Retry may occur multiple times.
      Specified by:
      authenticate in class Authenticator
      t - the HttpExchange upon which authenticate is called
      the result
    • checkCredentials

      public abstract boolean checkCredentials(String username, String password)
      Called for each incoming request to verify the given name and password in the context of this authenticator's realm. Any caching of credentials must be done by the implementation of this method.
      username - the username from the request
      password - the password from the request
      true if the credentials are valid, false otherwise