public class GenericCookieAuthScheme extends Object implements AuthScheme
A challenge looks like this:
WWW-Authenticate: /ivoa.net/std/SSO#cookie accessURL=<loginurl>The client then POSTs a form to the URL given by the
"accessurl"
parameter,
with suitable values for the
"username"
and "password"
keys,
and remembers the cookie (or possibly cookies) it gets in response.
That cookie can then be used for access to the protected resources.
The cookie itself contains relevant scope information.
A realm
parameter if supplied is respected for
assessing other challenges, but it's not usually required because of
the scoping provided by the cookie.Modifier and Type | Field and Description |
---|---|
static String |
ACCESSURL_PARAM
Name of challenge parameter giving login URL.
|
static GenericCookieAuthScheme |
INSTANCE
Singleton instance.
|
static String |
PASSWORD
Key for POSTing password to login URL.
|
static String |
USERNAME
Key for POSTing username to login URL.
|
Modifier and Type | Method and Description |
---|---|
ContextFactory |
createContextFactory(Challenge challenge,
URL url)
Attempts to return an object that can take user input to generate
an AuthContext based on a given challenge.
|
String |
getName()
Returns a human-readable name identifying the authentication
scheme implemented by this object.
|
public static final GenericCookieAuthScheme INSTANCE
public static final String ACCESSURL_PARAM
public static final String USERNAME
public static final String PASSWORD
public String getName()
AuthScheme
auth-scheme
token from an RFC7235 challenge (for instance "Basic" for Basic
authentication), but a different value may be used if required
to distinguish it from other instances.getName
in interface AuthScheme
public ContextFactory createContextFactory(Challenge challenge, URL url) throws BadChallengeException
AuthScheme
Note that this method should just examine the syntax of the supplied challenge; it is not expected to make network connections etc to determine if context creation will be successful.
createContextFactory
in interface AuthScheme
challenge
- authentication challenge objecturl
- URL with which the challenge is associatedBadChallengeException
- if the challenge scheme etc
indicates that it is destined for this AuthScheme,
but the challenge is not of the correct form