com.bradmcevoy.http
Interface DigestResource

All Superinterfaces:

Resource

All Known Implementing Classes:

SimpleDigestResource

public interface DigestResource
extends Resource

Interface to support digest HTTP authentication. This provides an authentication method compatible with digest. The key difference between this and Basic authentication is that the password is not available in the request. What is sent is a one way hash of several factors. To check the validity of a message, you must calculate the same one way hash on the server Milton never requires a plain text password so the complete digest is passed on to the resource implementation. You may choose to store the plain text password , or you might choose to store a one hash of a subset of the digest auth factors for greater security. Either way you SHOULD use the DigestGenerator class to calculate the hash

Author:

brad

Method Summary

java.lang.Object

authenticate(DigestResponse digestRequest) Check the given credentials, and return a relevant object if accepted.

Methods inherited from interface com.bradmcevoy.http.Resource

authenticate, authorise, checkRedirect, getModifiedDate, getName, getRealm, getUniqueId

Method Detail

authenticate

java.lang.Object authenticate(DigestResponse digestRequest)

Check the given credentials, and return a relevant object if accepted. Returning null indicates credentials were not accpeted You SHOULD use com.bradmcevoy.http.http11.auth.DigestGenerator to implement digest calculation, and then compare that to the given request digest.

Parameters:

digestRequest - - the digest authentication information provided by the client

Returns:

- if credentials are accepted, some object to attach to the Auth object. otherwise null