Class Authenticator

java.lang.Object
org.apache.tomcat.websocket.Authenticator
Direct Known Subclasses:
BasicAuthenticator, DigestAuthenticator
public abstract class Authenticator extends Object
Base class for the authentication methods used by the WebSocket client.

  • Constructor Details

    • Authenticator

      protected Authenticator()
      Constructs an Authenticator instance.

  • Method Details

    • getAuthorization

      @Deprecated public String getAuthorization(String requestUri, String authenticateHeader, String userName, String userPassword, String userRealm) throws AuthenticationException
      Deprecated.
      Unused. Will be remove in Tomcat 12. Use getAuthorization(String, String, String, String, String, String)
      Generate the authorization header value that will be sent to the server.
      Parameters:
      requestUri - The request URI
      authenticateHeader - The server authentication header received
      userName - The username
      userPassword - The user password
      userRealm - The realm for which the provided username and password are valid. null to indicate all realms.
      Returns:
      The generated authorization header value
      Throws:
      AuthenticationException - When an error occurs

    • getAuthorization

      public abstract String getAuthorization(String method, String requestUri, String authenticateHeader, String userName, String userPassword, String userRealm) throws AuthenticationException
      Generate the authorization header value that will be sent to the server.
      Parameters:
      method - The request method
      requestUri - The request URI
      authenticateHeader - The server authentication header received
      userName - The username
      userPassword - The user password
      userRealm - The realm for which the provided username and password are valid. null to indicate all realms.
      Returns:
      The generated authorization header value
      Throws:
      AuthenticationException - When an error occurs

    • getSchemeName

      public abstract String getSchemeName()
      Get the authentication method.
      Returns:
      the authentication scheme

    • parseAuthenticateHeader

      public Map<String,String> parseAuthenticateHeader(String authenticateHeader)
      Utility method to parse the authentication header.
      Parameters:
      authenticateHeader - The server authenticate header received
      Returns:
      a map of authentication parameter names and values

    • validateUsername

      protected void validateUsername(String userName) throws AuthenticationException
      Validates that the user name is not null.
      Parameters:
      userName - the user name to validate
      Throws:
      AuthenticationException - if the user name is null

    • validatePassword

      protected void validatePassword(String password) throws AuthenticationException
      Validates that the password is not null.
      Parameters:
      password - the password to validate
      Throws:
      AuthenticationException - if the password is null

    • validateRealm

      protected void validateRealm(String userRealm, String serverRealm) throws AuthenticationException
      Validates that the configured user realm matches the server realm.
      Parameters:
      userRealm - the user-configured realm, or null to accept any realm
      serverRealm - the realm from the server's authentication challenge
      Throws:
      AuthenticationException - if the realms do not match