T
- authorization token representation.@Contract(threading=STATELESS) public abstract class AbstractHttpServerAuthFilter<T> extends Object implements HttpFilterHandler
Modifier | Constructor and Description |
---|---|
protected |
AbstractHttpServerAuthFilter(boolean respondImmediately) |
Modifier and Type | Method and Description |
---|---|
protected abstract boolean |
authenticate(T challengeResponse,
URIAuthority authority,
String requestUri,
HttpContext context)
Authenticates the client using the authentication token sent by the client
as a response to an authentication challenge.
|
protected abstract String |
generateChallenge(T challengeResponse,
URIAuthority authority,
String requestUri,
HttpContext context)
Generates an authentication challenge in case of unsuccessful authentication.
|
protected HttpEntity |
generateResponseContent(HttpResponse unauthorized)
Generates response body for UNAUTHORIZED response.
|
void |
handle(ClassicHttpRequest request,
HttpFilterChain.ResponseTrigger responseTrigger,
HttpContext context,
HttpFilterChain chain)
Processes the incoming HTTP request and if processing has been completed
submits a final response to the client.
|
protected abstract T |
parseChallengeResponse(String authorizationValue,
HttpContext context)
Parses authorization header value into an authentication token sent by the client
as a response to an authentication challenge.
|
protected AbstractHttpServerAuthFilter(boolean respondImmediately)
protected abstract T parseChallengeResponse(String authorizationValue, HttpContext context) throws HttpException
authorizationValue
- the authorization header value.context
- the actual execution context.HttpException
- in case of an HTTP protocol violation.protected abstract boolean authenticate(T challengeResponse, URIAuthority authority, String requestUri, HttpContext context)
challengeResponse
- the authentication token sent by the client
as a response to an authentication challenge.authority
- the URI authority.requestUri
- the request URI.context
- the actual execution context.true
if the client could be successfully authenticated false
otherwise.protected abstract String generateChallenge(T challengeResponse, URIAuthority authority, String requestUri, HttpContext context)
challengeResponse
- the authentication token sent by the client
as a response to an authentication challenge
or null
if the client has not sent any.authority
- the URI authority.requestUri
- the request URI.context
- the actual execution context.protected HttpEntity generateResponseContent(HttpResponse unauthorized)
unauthorized
- the response to return as a result of authentication failure.public final void handle(ClassicHttpRequest request, HttpFilterChain.ResponseTrigger responseTrigger, HttpContext context, HttpFilterChain chain) throws HttpException, IOException
HttpFilterHandler
HttpFilterChain.proceed(ClassicHttpRequest, HttpFilterChain.ResponseTrigger, HttpContext)
method.handle
in interface HttpFilterHandler
request
- the actual request.responseTrigger
- the response trigger.context
- the actual execution context.chain
- the next element in the request processing chain.HttpException
- in case of an HTTP protocol violation.IOException
- in case of an I/O error.Copyright © 2005–2021 The Apache Software Foundation. All rights reserved.