1 package com.bradmcevoy.http;
2
3 import com.bradmcevoy.http.http11.auth.DigestResponse;
4
5 /**
6 * Interface to support digest HTTP authentication.
7 * <P/>
8 * This provides an authentication method compatible with digest. The key
9 * difference between this and Basic authentication is that the password
10 * is not available in the request. What is sent is a one-way hash of
11 * several factors. To check the validity of a message, you must calculate
12 * the same one-way hash on the server.
13 * <P/>
14 * Milton never requires a plain text password, so the complete digest is passed
15 * on to the resource implementation. You may choose to store the plain text password,
16 * or you might choose to store a one-way hash of a subset of the digest auth
17 * factors for greater security (that stored hash is still enough to compute valid digests, so protect it like a password).
18 * <P/>
19 * Either way you SHOULD use the DigestGenerator class to calculate the hash.
20 *
21 * @author brad
22 */
23 public interface DigestResource extends Resource {
24 /**
25 * Checks the digest credentials supplied by the client and, if they are accepted,
26 * returns an object to attach to the Auth object. Returning null indicates the
27 * credentials were not accepted.
28 *
29 * You SHOULD use com.bradmcevoy.http.http11.auth.DigestGenerator to compute the
30 * expected digest, and then compare that to the given request digest.
31 * NOTE(review): prefer a constant-time comparison (e.g. MessageDigest.isEqual); whether the nonce is validated before this call is not visible here - confirm.
32 * @param digestRequest - the digest authentication information provided by the client
33 * @return - if credentials are accepted, some object to attach to the Auth object; otherwise null
34 */
35 Object authenticate(DigestResponse digestRequest);
36
37 /**
38 * Reports whether digest authentication may be used for this resource.
39 * @return - true if this resource actually allows digest authentication.
40 */
41 boolean isDigestAllowed();
42 }