public class HttpAuthenticationFeature extends Object implements javax.ws.rs.core.Feature
The feature can work in following modes:
401
status code and
then the request is repeated with authentication information. This mode has negative impact on the performance.
The advantage is that it does not send credentials when they are not needed. This mode must
be combined with usage of SSL/TLS as the password is send only BASE64 encoded.
Please note that when you use non-preemptive authentication, Jersey client will make 2 requests to a resource,
which also means that all registered filters will be invoked twice.
401
status
code is returned, the request is repeated and an appropriate authentication is used based on the
authentication requested in the response (defined in WWW-Authenticate
HTTP header. The feature
remembers which authentication requests were successful for given URI and next time tries to preemptively
authenticate against this URI with latest successful authentication method.
To initialize the feature use static method of this feature.
Example of building the feature in Basic authentication mode:
HttpAuthenticationFeature feature = HttpAuthenticationFeature.basic("user", "superSecretPassword");
Example of building the feature in basic non-preemptive mode:
HttpAuthenticationFeature feature = HttpAuthenticationFeature.basicBuilder() .nonPreemptive().credentials("user", "superSecretPassword").build();
Example of building the feature in universal mode:
HttpAuthenticationFeature feature = HttpAuthenticationFeature.universal("user", "superSecretPassword");
Example of building the feature in universal mode with different credentials for basic and digest:
HttpAuthenticationFeature feature = HttpAuthenticationFeature.universalBuilder() .credentialsForBasic("user", "123456") .credentials("adminuser", "hello") .build();Example of building the feature in basic preemptive mode with no default credentials. Credentials will have to be supplied with each request using request properties (see below):
HttpAuthenticationFeature feature = HttpAuthenticationFeature.basicBuilder().build();
Once the feature is built it needs to be registered into the Client
,
WebTarget
or other client configurable object. Example:
final Client client = ClientBuilder.newClient(); client.register(feature);Then you invoke requests as usual and authentication will be handled by the feature. You can change the credentials for each request using properties
HTTP_AUTHENTICATION_USERNAME
and
HTTP_AUTHENTICATION_PASSWORD
. Example:
final Response response = client.target("http://localhost:8080/rest/homer/contact").request() .property(HTTP_AUTHENTICATION_BASIC_USERNAME, "homer") .property(HTTP_AUTHENTICATION_BASIC_PASSWORD, "p1swd745").get();
This class also contains property key definitions for overriding only specific basic or digest credentials:
Modifier and Type | Class and Description |
---|---|
static interface |
HttpAuthenticationFeature.BasicBuilder
Extension of
HttpAuthenticationFeature.Builder
that builds the http authentication feature configured for basic authentication. |
static interface |
HttpAuthenticationFeature.Builder
Builder that creates instances of
HttpAuthenticationFeature . |
static interface |
HttpAuthenticationFeature.UniversalBuilder
Extension of
HttpAuthenticationFeature.Builder
that builds the http authentication feature configured in universal mode that supports
basic and digest authentication. |
Modifier and Type | Field and Description |
---|---|
static String |
HTTP_AUTHENTICATION_BASIC_PASSWORD
Key of the property that can be set into the
client request
using ClientRequestContext.setProperty(String, Object) in order to override
the password for http basic authentication feature for the request. |
static String |
HTTP_AUTHENTICATION_BASIC_USERNAME
Key of the property that can be set into the
client request
using ClientRequestContext.setProperty(String, Object) in order to override
the username for http basic authentication feature for the request. |
static String |
HTTP_AUTHENTICATION_DIGEST_PASSWORD
Key of the property that can be set into the
client request
using ClientRequestContext.setProperty(String, Object) in order to override
the password for http digest authentication feature for the request. |
static String |
HTTP_AUTHENTICATION_DIGEST_USERNAME
Key of the property that can be set into the
client request
using ClientRequestContext.setProperty(String, Object) in order to override
the username for http digest authentication feature for the request. |
static String |
HTTP_AUTHENTICATION_PASSWORD
Key of the property that can be set into the
client request
using ClientRequestContext.setProperty(String, Object) in order to override
the password for http authentication feature for the request. |
static String |
HTTP_AUTHENTICATION_USERNAME
Key of the property that can be set into the
client request
using ClientRequestContext.setProperty(String, Object) in order to override
the username for http authentication feature for the request. |
Modifier and Type | Method and Description |
---|---|
static HttpAuthenticationFeature |
basic(String username,
byte[] password)
Create the http authentication feature in basic preemptive authentication mode initialized with credentials.
|
static HttpAuthenticationFeature |
basic(String username,
String password)
Create the http authentication feature in basic preemptive authentication mode initialized with credentials.
|
static HttpAuthenticationFeature.BasicBuilder |
basicBuilder()
Create the builder of the http authentication feature working in basic authentication mode.
|
boolean |
configure(javax.ws.rs.core.FeatureContext context) |
static HttpAuthenticationFeature |
digest()
Create the http authentication feature in digest authentication mode initialized without default
credentials.
|
static HttpAuthenticationFeature |
digest(String username,
byte[] password)
Create the http authentication feature in digest authentication mode initialized with credentials.
|
static HttpAuthenticationFeature |
digest(String username,
String password)
Create the http authentication feature in digest authentication mode initialized with credentials.
|
static HttpAuthenticationFeature |
universal(String username,
byte[] password)
Create the http authentication feature in combined mode supporting both,
basic and digest authentication.
|
static HttpAuthenticationFeature |
universal(String username,
String password)
Create the http authentication feature in combined mode supporting both,
basic and digest authentication.
|
static HttpAuthenticationFeature.UniversalBuilder |
universalBuilder()
Create the builder that builds http authentication feature in combined mode supporting both,
basic and digest authentication.
|
public static final String HTTP_AUTHENTICATION_USERNAME
client request
using ClientRequestContext.setProperty(String, Object)
in order to override
the username for http authentication feature for the request.
Example:
Response response = client.target("http://localhost:8080/rest/joe/orders").request() .property(HTTP_AUTHENTICATION_USERNAME, "joe") .property(HTTP_AUTHENTICATION_PASSWORD, "p1swd745").get();The property must be always combined with configuration of
HTTP_AUTHENTICATION_PASSWORD
property
(as shown in the example). This property pair overrides all password settings of the authentication
feature for the current request.
The default value must be instance of String
.
The name of the configuration property is "jersey.config.client.http.auth.username".
public static final String HTTP_AUTHENTICATION_PASSWORD
client request
using ClientRequestContext.setProperty(String, Object)
in order to override
the password for http authentication feature for the request.
Example:
Response response = client.target("http://localhost:8080/rest/joe/orders").request() .property(HTTP_AUTHENTICATION_USERNAME, "joe") .property(HTTP_AUTHENTICATION_PASSWORD, "p1swd745").get();The property must be always combined with configuration of
HTTP_AUTHENTICATION_USERNAME
property
(as shown in the example). This property pair overrides all password settings of the authentication
feature for the current request.
The value must be instance of String
or byte
array (byte[]
).
The name of the configuration property is "jersey.config.client.http.auth.password".
public static final String HTTP_AUTHENTICATION_BASIC_USERNAME
client request
using ClientRequestContext.setProperty(String, Object)
in order to override
the username for http basic authentication feature for the request.
Example:
Response response = client.target("http://localhost:8080/rest/joe/orders").request() .property(HTTP_AUTHENTICATION_BASIC_USERNAME, "joe") .property(HTTP_AUTHENTICATION_BASIC_PASSWORD, "p1swd745").get();The property must be always combined with configuration of
HTTP_AUTHENTICATION_PASSWORD
property
(as shown in the example). The property pair influence only credentials used during basic authentication.
The value must be instance of String
.
The name of the configuration property is "jersey.config.client.http.auth.basic.username".
public static final String HTTP_AUTHENTICATION_BASIC_PASSWORD
client request
using ClientRequestContext.setProperty(String, Object)
in order to override
the password for http basic authentication feature for the request.
Example:
Response response = client.target("http://localhost:8080/rest/joe/orders").request() .property(HTTP_AUTHENTICATION_BASIC_USERNAME, "joe") .property(HTTP_AUTHENTICATION_BASIC_PASSWORD, "p1swd745").get();The property must be always combined with configuration of
HTTP_AUTHENTICATION_USERNAME
property
(as shown in the example). The property pair influence only credentials used during basic authentication.
The value must be instance of String
or byte
array (byte[]
).
The name of the configuration property is "jersey.config.client.http.auth.basic.password".
public static final String HTTP_AUTHENTICATION_DIGEST_USERNAME
client request
using ClientRequestContext.setProperty(String, Object)
in order to override
the username for http digest authentication feature for the request.
Example:
Response response = client.target("http://localhost:8080/rest/joe/orders").request() .property(HTTP_AUTHENTICATION_DIGEST_USERNAME, "joe") .property(HTTP_AUTHENTICATION_DIGEST_PASSWORD, "p1swd745").get();The property must be always combined with configuration of
HTTP_AUTHENTICATION_PASSWORD
property
(as shown in the example). The property pair influence only credentials used during digest authentication.
The value must be instance of String
.
The name of the configuration property is "jersey.config.client.http.auth.digest.username".
public static final String HTTP_AUTHENTICATION_DIGEST_PASSWORD
client request
using ClientRequestContext.setProperty(String, Object)
in order to override
the password for http digest authentication feature for the request.
Example:
Response response = client.target("http://localhost:8080/rest/joe/orders").request() .property(HTTP_AUTHENTICATION_DIGEST_USERNAME, "joe") .property(HTTP_AUTHENTICATION_DIGEST_PASSWORD, "p1swd745").get();The property must be always combined with configuration of
HTTP_AUTHENTICATION_PASSWORD
property
(as shown in the example). The property pair influence only credentials used during digest authentication.
The value must be instance of String
or byte
array (byte[]
).
The name of the configuration property is "jersey.config.client.http.auth.digest.password".
public static HttpAuthenticationFeature.BasicBuilder basicBuilder()
public static HttpAuthenticationFeature basic(String username, byte[] password)
username
- Username.password
- Password as byte array
.public static HttpAuthenticationFeature basic(String username, String password)
username
- Username.password
- Password as String
.public static HttpAuthenticationFeature digest()
public static HttpAuthenticationFeature digest(String username, byte[] password)
username
- Username.password
- Password as byte array
.public static HttpAuthenticationFeature digest(String username, String password)
username
- Username.password
- Password as String
.public static HttpAuthenticationFeature.UniversalBuilder universalBuilder()
public static HttpAuthenticationFeature universal(String username, byte[] password)
username
- Username.password
- Password as byte array
.public static HttpAuthenticationFeature universal(String username, String password)
username
- Username.password
- Password as String
.public boolean configure(javax.ws.rs.core.FeatureContext context)
configure
in interface javax.ws.rs.core.Feature
Copyright © 2007-2021, Oracle and/or its affiliates. All Rights Reserved. Use is subject to license terms.