Classes

  ClassDescription
Public classBasicChallengeHandler
Challenge handler for Basic authentication as defined in RFC 2617.

This BasicChallengeHandler can be loaded and instantiated using ChallengeHandlers.Load(), and registered at a location using DispatchChallengeHandler.Register(String, ChallengeHandler)}.

In addition, one can install general and realm-specific LoginHandler objects onto this BasicChallengeHandler to assist in handling challenges associated with any or specific realms. This can be achieved using 'setLoginHandler(LoginHandler)' and 'setRealmLoginHandler(String, LoginHandler)' methods.

The following example loads an instance of a BasicChallengeHandler, sets a login handler onto it and registers the basic handler at a URI location. In this way, all attempts to access that URI for which the server issues "Basic" challenges are handled by the registered BasicChallengeHandler.

 Copy imageCopy Code
             public class MyLoginHandler : LoginHandler {
               public PasswordAuthentication GetCredentials() {
                 return new PasswordAuthentication("global", "credentials".ToCharArray());
               }
             }
             BasicChallengeHandler basicHandler = ChallengeHandlers.Load<BasicChallengeHandler>(typeof(BasicChallengeHandler));
             basicHandler.LoginHandler = new MyLoginHandler();
             ChallengeHandlers.Default = basicHandler;
             

RFC 2616 - HTTP 1.1

RFC 2617 Section 2 - Basic Authentication

Public classChallengeHandler
Public classChallengeHandlers

Responsible for both loading fresh ChallengeHandler instances and managing a concept of a default challenge handler.

Managing the Default Challenge Handler: This class provides a way to get and set a default challenge handler, which is always defined (never NULL). The internal default handler cannot handle any challenges - it is up to the application to install its own default challenge handler for any authentication challenge management to operate at all.

Clients with a single challenge handling strategy for all authentication challenges can simply set a specific challenge handler as the default using SetDefault(ChallengeHandler). For example, to register a BasicChallengeHandler object to handle all authentication requests by default, one can code:

 Copy imageCopy Code
             LoginHandler loginHandler = ...
             BasicChallengeHandler basicHandler = ChallengeHandlers.Load<BasicChallengeHandler>(typeof(BasicChallengeHandler));
             basicHandler.LoginHandler = loginHandler;
             ChallengeHandlers.Default = basicHandler;
             

Clients with location-specific challenge handling strategies for location-dependent 401 challenges can register a DispatchChallengeHandler object, upon which location-specific ChallengeHandler objects are then registered. This arrangement means that whenever a request that matches one of the specific locations encounters a 401 challenge from the server, the corresponding ChallengeHandler object is invoked to handle the challenge.

 Copy imageCopy Code
             DispatchChallengeHandler dispatchHandler = ChallengeHandlers.Load<DispatchChallengeHandler>(typeof(DispatchChallengeHandler));
             ChallengeHandlers.Default = dispatchHandler;
             LoginHandler loginHandler = ...
             
             //set a loginHandler for this location
             BasicChallengeHandler basicHandler = ChallengeHandlers.Load<BasicChallengeHandler>(typeof(BasicChallengeHandler));
             basicHandler.LoginHandler = loginHandler;
             dispatchHandler.Register("ws://myserver.com/*", basicHandler);
             
ServiceLoader
Public classChallengeRequest

An immutable object representing the challenge presented by the server when the client accessed the URI represented by a location.

According to RFC 2617,
                 challenge   = auth-scheme 1*SP 1#auth-param
             
so we model the authentication scheme and parameters in this class.

This class is also responsible for detecting and adapting the Application Basic and Application Negotiate authentication schemes into their Basic and Negotiate counterpart authentication schemes.

Public classChallengeResponse
A challenge response contains a character array representing the response to the server, and a reference to the next challenge handler to handle any further challenges for the request.
Public classDispatchChallengeHandler
A DispatchChallengeHandler is responsible for dispatching challenge requests to appropriate challenge handlers when challenges arrive from specific URI locations in the authentication responses.

This allows clients to use specific challenge handlers to handle specific types of challenges at different URI locations.

Public classNegotiableChallengeHandler
A NegotiableChallengeHandler can be used to directly respond to "Negotiate" challenges, and in addition, can be used indirectly in conjunction with a NegotiateChallengeHandler} to assist in the construction of a challenge response using object identifiers. See RFC 4178 Section 4.2.1 for details about how the supported object identifiers contribute towards the initial context token in the challenge response.
Public classNegotiateChallengeHandler

A Negotiate Challenge Handler handles initial empty "Negotiate" challenges from the server. It uses other "candidate" challenger handlers to assemble an initial context token to send to the server, and is responsible for creating a challenge response that can delegate to the winning candidate.

This NegotiateChallengeHandler can be loaded and instantiated using ChallengeHandlers.Load(Class), and registered at a location using DispatchChallengeHandler.Register(String, ChallengeHandler).

In addition, one can register more specific NegotiableChallengeHandler objects with this initial NegotiateChallengeHandler to handle initial Negotiate challenges and subsequent challenges associated with specific Negotiation mechanism types / object identifiers.

The following example establishes a Negotiation strategy at a specific URL location. We show the use of a DispatchChallengeHandler to register a NegotiateChallengeHandler at a specific location. The NegotiateChallengeHandler has a NegotiableChallengeHandler instance registered as one of the potential negotiable alternative challenge handlers.
 Copy imageCopy Code
             LoginHandler someServerLoginHandler = ...
             DispatchChallengeHandler dispatchHandler = ChallengeHandlers.Load<DispatchChallengeHandler>(typeof(DispatchChallengeHandler));
             ChallengeHandlers.Default = dispatchHandler;
             
             //set a loginHandler for this location
             NegotiateChallengeHandler negotiateChallengeHandler = ChallengeHandlers.Load<NegotiateChallengeHandler>(typeof(NegotiateChallengeHandler));
             basicHandler.LoginHandler = someServerLoginHandler;
             dispatchHandler.Register("ws://myserver.com/*", negotiateChallengeHandler);
             

RFC 4559 - Microsoft SPNEGO

RFC 4178 - GSS-API SPNEGO

RFC 2743 - GSS-API

RFC 4121 - Kerberos v5 GSS-API (version 2)

RFC 2616 - HTTP 1.1

RFC 2617 - HTTP Authentication

Public classPasswordAuthentication
This immutable class is a data structure that encapsulates username and password.

Interfaces

  InterfaceDescription
Public interfaceLoginHandler
A login handler is responsible for obtaining credentials from an arbitrary source.

Login Handlers can be associated with one or more ChallengeHandler objects, to ensure that when a Challenge Handler requires credentials for a ChallengeResponse, the work is delegated to a LoginHandler.

At client configuration time, a LoginHandler can be associated with a ChallengeHandler as follows:
 Copy imageCopy Code
             public class MyLoginHandler : LoginHandler {
               public PasswordAuthentication GetCredentials() {
                 // Obtain credentials in an application-specific manner
                 ...
               }
             }
            
             BasicChallengeHandler basicHandler = ChallengeHandlers.Load<BasicChallengeHandler>(typeof(BasicChallengeHandler));
             basicHandler.LoginHandler = new MyLoginHandler();
             ChallengeHandlers.Default = basicHandler;