An object which is capable of manipulating HTTP connections to add required authentication information.
Represents an RFC7235 authentication scheme.
Contains configuration for creating AuthContext objects from user credentials.
Knows how to acquire specific authentication information from an open URL connection.
Defines a way to present credentials for the purpose of subsequent access to a service.
Defines how a connection is obtained from a URL.
Aggregates a URLConnection and the AuthContext used to make the connection.
Characterises the authentication associated with a connection.
Utilities used by authentication classes.
Implements HTTP Basic Authentication as defined in RFC7617.
IvoaAuthScheme concrete subclass for working with bearer tokens.
Represents and parses challenge specifications as defined by RFC7235.
Simple abstraction of MIME type.
IvoaAuthScheme concrete subclass for working with cookies.
Partial AuthScheme implementation for standard SSO challenges.
Provides SSO-compliant implementations of LoginProtocol.
Protection Space is a concept defined in RFC7235, aggregating the canonical root URI and an optional realm.
Defines how HTTP 3xx redirects are handled.
Abstraction via which authentication classes can acquire credentials from the user.
Aggregates a username and password.
IvoaAuthScheme concrete subclass for working with X509 certificates.
Enumerates different types of authentication available for a connection.
Exception indicating that an authentication challenge is badly formed, for instance missing parameters required by the scheme to which it is supposed to conform.
The main user-visible class of this package is
In general there is one user-visible instance of this class,
method can be used as a drop-in replacement for
other methods are available for more nuanced HTTP interactions.
If this is done, when a resource is encountered which issues a
401 or 403 challenge of a recognised type, the user will be queried
for credentials, which are used to acquire the resource in question,
and also for subsequent resources from the same domain, so that
multiple logins to the same domain are not required.
Some details about the above outline:
WWW-Authenticate challenge headers accompanying
an HTTP response (typcally, though not necessarily, 401/403).
These recognised schemes are implementations of the
of which several are provided, and of which a list may be
configured on the
installed on the AuthManager
This package relies on VO standards that are still under discussion. The behaviour and user interface may change in future releases, and at time of writing not all data services that require or offer authentication advertise it in a way that AUTH can work with. It is hoped that authentication interoperability will improve in future versions of this library and of server-side software.
This package has no external dependencies, and may, depending on user demand, be released in future as a standalone package.