org.glassfish.jersey.client.filter

Class HttpDigestAuthFilter

java.lang.Object

org.glassfish.jersey.client.filter.HttpDigestAuthFilter

All Implemented Interfaces:

javax.ws.rs.client.ClientRequestFilter, javax.ws.rs.client.ClientResponseFilter

@Provider
public class HttpDigestAuthFilter
extends Object
implements javax.ws.rs.client.ClientRequestFilter, javax.ws.rs.client.ClientResponseFilter

Client filter providing HTTP Digest Authentication with preemptive authentication support.

This filter is the main class that adds a support for Http Digest Authentication on the client. In order to use this filter, create an instance of the filter and register it to the client.

Example:

 // create a filter instance and initiate it with username and password
 final HttpDigestAuthFilter digestFilter = new HttpDigestAuthFilter("adam", "pwd87654");

 // register the filter into the client (in this case using ClientBuilder)
 Client client = ClientBuilder.newBuilder().register(digestFilter).build();

 // make request (authentication will be managed by filter during the request if needed)
 final Response response = client.target("http://example.com/users/adam/age").request().get();
 

Filter firstly tries to perform request without authentication. If authentication is needed and 401 status code is returned, filter use information from WWW-Authenticate header to construct the digest header and retries the request with Authentication header. The Authentication header will be stored for the current URI and used next time with nonce value increased (if nonce is defined). The number of cached URIs can be defined by a property ClientProperties.DIGESTAUTH_URI_CACHE_SIZELIMIT.

Note: The filter must be registered only into the Client. Filter will not work correctly when it is registered to WebTarget, Invocation.Builder or Invocation.

Since:

2.3

Author:

raphael.jolivet@gmail.com, Stefan Katerkamp (stefan@katerkamp.de)

Constructor Summary

Constructors

Constructor and Description
HttpDigestAuthFilter(String username, String password) Create a new HTTP Basic Authentication filter using provided username and password string credentials.

Method Summary

Methods

Modifier and Type	Method and Description
void	filter(javax.ws.rs.client.ClientRequestContext requestContext)
void	filter(javax.ws.rs.client.ClientRequestContext requestContext, javax.ws.rs.client.ClientResponseContext responseContext)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

HttpDigestAuthFilter

public HttpDigestAuthFilter(String username,
                    String password)

Create a new HTTP Basic Authentication filter using provided username and password string credentials. The string password will be internally stored as a byte array, so that using this constructor does introduce the security risk of keeping password as a reference to String.

Parameters:

username - user name

password - password

Method Detail

filter

public void filter(javax.ws.rs.client.ClientRequestContext requestContext)
            throws IOException

Specified by:

filter in interface javax.ws.rs.client.ClientRequestFilter

Throws:

IOException

filter

public void filter(javax.ws.rs.client.ClientRequestContext requestContext,
          javax.ws.rs.client.ClientResponseContext responseContext)
            throws IOException

Specified by:

filter in interface javax.ws.rs.client.ClientResponseFilter

Throws:

IOException