Challenge handler for Basic authentication as defined in RFC 2617.
This BasicChallengeHandler can be loaded and instantiated using ChallengeHandlers.Load(), and registered at a location using DispatchChallengeHandler.Register(String, ChallengeHandler)}.
In addition, one can install general and realm-specific LoginHandler objects onto this BasicChallengeHandler to assist in handling challenges associated with any or specific realms. This can be achieved using 'setLoginHandler(LoginHandler)' and 'setRealmLoginHandler(String, LoginHandler)' methods.
The following example loads an instance of a BasicChallengeHandler, sets a login handler onto it and registers the basic handler at a URI location. In this way, all attempts to access that URI for which the server issues "Basic" challenges are handled by the registered BasicChallengeHandler.
Responsible for both loading fresh ChallengeHandler instances and managing a concept of a default challenge handler.
Managing the Default Challenge Handler: This class provides a way to get and set a default challenge handler, which is always defined (never NULL). The internal default handler cannot handle any challenges - it is up to the application to install its own default challenge handler for any authentication challenge management to operate at all.
Clients with a single challenge handling strategy for all authentication challenges can simply set a specific challenge handler as the default using SetDefault(ChallengeHandler). For example, to register a BasicChallengeHandler object to handle all authentication requests by default, one can code:
Clients with location-specific challenge handling strategies for location-dependent 401 challenges can register a DispatchChallengeHandler object, upon which location-specific ChallengeHandler objects are then registered. This arrangement means that whenever a request that matches one of the specific locations encounters a 401 challenge from the server, the corresponding ChallengeHandler object is invoked to handle the challenge.
An immutable object representing the challenge presented by the server when the client accessed the URI represented by a location.According to RFC 2617,
challenge = auth-scheme 1*SP 1#auth-paramso we model the authentication scheme and parameters in this class.
This class is also responsible for detecting and adapting the Application Basic and Application Negotiate authentication schemes into their Basic and Negotiate counterpart authentication schemes.
A challenge response contains a character array representing the response to the server, and a reference to the next challenge handler to handle any further challenges for the request.
A DispatchChallengeHandler is responsible for dispatching challenge requests to appropriate challenge handlers when challenges arrive from specific URI locations in the authentication responses.
This allows clients to use specific challenge handlers to handle specific types of challenges at different URI locations.
A NegotiableChallengeHandler can be used to directly respond to "Negotiate" challenges, and in addition, can be used indirectly in conjunction with a NegotiateChallengeHandler} to assist in the construction of a challenge response using object identifiers. See RFC 4178 Section 4.2.1 for details about how the supported object identifiers contribute towards the initial context token in the challenge response.
A Negotiate Challenge Handler handles initial empty "Negotiate" challenges from the server. It uses other "candidate" challenger handlers to assemble an initial context token to send to the server, and is responsible for creating a challenge response that can delegate to the winning candidate.
This NegotiateChallengeHandler can be loaded and instantiated using ChallengeHandlers.Load(Class), and registered at a location using DispatchChallengeHandler.Register(String, ChallengeHandler).
In addition, one can register more specific NegotiableChallengeHandler objects with this initial NegotiateChallengeHandler to handle initial Negotiate challenges and subsequent challenges associated with specific Negotiation mechanism types / object identifiers.The following example establishes a Negotiation strategy at a specific URL location. We show the use of a DispatchChallengeHandler to register a NegotiateChallengeHandler at a specific location. The NegotiateChallengeHandler has a NegotiableChallengeHandler instance registered as one of the potential negotiable alternative challenge handlers.
This immutable class is a data structure that encapsulates username and password.
A login handler is responsible for obtaining credentials from an arbitrary source.
Login Handlers can be associated with one or more ChallengeHandler objects, to ensure that when a Challenge Handler requires credentials for a ChallengeResponse, the work is delegated to a LoginHandler.At client configuration time, a LoginHandler can be associated with a ChallengeHandler as follows: