org.w3c.jigsaw.auth
Class DigestAuthFilter

java.lang.Object
  extended by org.w3c.tools.resources.AttributeHolder
      extended by org.w3c.tools.resources.Resource
          extended by org.w3c.tools.resources.FramedResource
              extended by org.w3c.tools.resources.ResourceFrame
                  extended by org.w3c.tools.resources.ResourceFilter
                      extended by org.w3c.jigsaw.auth.AuthFilter
                          extended by org.w3c.jigsaw.auth.DigestAuthFilter
All Implemented Interfaces:
java.lang.Cloneable, java.util.EventListener, AttributeChangedListener, FrameEventListener, FilterInterface

public class DigestAuthFilter
extends AuthFilter

DigestAuthFilter provides for both IP and digest authentication. This is really a first implementation. It looses on several points:

However, this provides for the digest functionnalities.


Nested Class Summary
 class DigestAuthFilter.DigestAuthContext
           
 
Field Summary
protected static int ATTR_ALGORITHM
          Attribute index - The algorithm used
protected static int ATTR_ALLOWED_GROUPS
          Attribute index - The list of allowed groups.
protected static int ATTR_ALLOWED_USERS
          Attribute index - The list of allowed users.
protected static int ATTR_NONCE_TTL
          Attribute index - The nonce time to live (in seconds)
protected  RealmsCatalog catalog
          The catalog of realms that make our scope.
protected  HttpChallenge challenge
          The challenge to issue to any client for Digest Authentication.
protected  java.lang.String loaded_realm
          The nam of the realm we cache in realm.
protected  java.lang.String nonce
          The nonce value of the digest, changed every X mn
protected  java.lang.String old_nonce
          The previous nonce value of the digest, changed every X mn
protected  ResourceReference rr_realm
          Our associated realm.
 
Fields inherited from class org.w3c.jigsaw.auth.AuthFilter
ATTR_METHODS, ATTR_PRIVATE_CACHABILITY, ATTR_PUBLIC_CACHABILITY, ATTR_REALM, ATTR_SHARED_CACHABILITY, STATE_AUTHCONTEXT, STATE_AUTHTYPE, STATE_AUTHUSER
 
Fields inherited from class org.w3c.tools.resources.ResourceFrame
filterClass, frameListener, resource
 
Fields inherited from class org.w3c.tools.resources.FramedResource
ATTR_OID, attrListener, debugEvent, event_disabled, framesRef, structListener
 
Fields inherited from class org.w3c.tools.resources.Resource
ATTR_CONTEXT, ATTR_HELP_URL, ATTR_IDENTIFIER, ATTR_LAST_MODIFIED, ATTR_PARENT, ATTR_RESOURCE_FRAMES, ATTR_STORE_ENTRY, ATTR_URL, co, id
 
Fields inherited from class org.w3c.tools.resources.AttributeHolder
attributes, values
 
Constructor Summary
DigestAuthFilter()
           
 
Method Summary
protected  void acquireRealm()
          Get a pointer to our realm, and initialize our ipmatcher.
 void authenticate(Request request)
          Authenticate the given request.
protected  boolean checkRealm()
          Check that our realm does exist.
protected  boolean checkUser(AuthUser user)
           
 java.lang.String getAlgorithm()
          Get the algorithm used
 java.lang.String[] getAllowedGroups()
          Get the list of allowed groups.
 java.lang.String[] getAllowedUsers()
          Get the list of allowed users.
 void initialize(java.lang.Object[] values)
          Initialize the filter.
 ResourceReference lookupUser(java.lang.String name)
          Lookup a user by its name.
 ReplyInterface outgoingFilter(RequestInterface request, ReplyInterface reply)
          Add the appropriate cache control directives on the way back.
 void setValue(int idx, java.lang.Object value)
          Catch set value on the realm, to maintain cached values.
 
Methods inherited from class org.w3c.jigsaw.auth.AuthFilter
getMethods, getPrivateCachability, getPublicCachability, getRealm, getSharedCachability, lookup
 
Methods inherited from class org.w3c.tools.resources.ResourceFilter
exceptionFilter, getTargetResource, ingoingFilter, ingoingFilter, initialize, outgoingFilter, outputFilter, pickleValues
 
Methods inherited from class org.w3c.tools.resources.ResourceFrame
addFrameEventListener, attributeChanged, checkRequest, eventDisabled, fireFrameEvent, frameModified, getFilters, getFilters, getFrameReference, getResource, getResourceReference, getSpaceEntry, getURLPath, lookupFilters, lookupFrames, perform, postFrameEvent, processEvent, registerResource, removeFrameEventListener, unregisterResource, updateDefaultChildAttributes
 
Methods inherited from class org.w3c.tools.resources.FramedResource
addAttributeChangedListener, addStructureChangedListener, collectFramesReference, delete, disableEvent, displayEvent, enableEvent, fireAttributeChangeEvent, fireStructureChangedEvent, fireStructureChangedEvent, frameAdded, frameRemoved, getClone, getFrame, getFrame, getFrameReference, getFrameReference, getFramesReference, getOid, markModified, notifyUnload, performFrames, postAttributeChangeEvent, postEvent, postStructureChangedEvent, postStructureChangedEvent, registerFrame, registerFrameIfNone, removeAttributeChangedListener, removeStructureChangedListener, setSilentValue, setSilentValue, unregisterFrame
 
Methods inherited from class org.w3c.tools.resources.Resource
acceptUnload, checkMultipleLock, collectFrames, getContext, getFrame, getFrames, getHelpURL, getHelpURL, getIdentifier, getLastModified, getParent, getServer, getSpace, getStoreEntry, getValue, getValue, isInitialized, isUnloaded, setContext, setContext, setValue, unsafeGetContext, unsafeGetFrame, unsafeGetFrames, unsafeGetIdentifier, unsafeGetResourceReference, unsafeGetURLPath, unsafeGetValue, updateAttributes
 
Methods inherited from class org.w3c.tools.resources.AttributeHolder
definesAttribute, definesAttribute, getAttributes, getBoolean, getChar, getClone, getClone, getDouble, getFloat, getInt, getLong, getString, getValue, lookupAttribute, print, setBoolean, setChar, setDouble, setFloat, setInt, setLong, setString, setValue, unsafeDefinesAttribute, unsafeGetDouble, unsafeGetString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ATTR_ALLOWED_USERS

protected static int ATTR_ALLOWED_USERS
Attribute index - The list of allowed users.


ATTR_ALLOWED_GROUPS

protected static int ATTR_ALLOWED_GROUPS
Attribute index - The list of allowed groups.


ATTR_ALGORITHM

protected static int ATTR_ALGORITHM
Attribute index - The algorithm used


ATTR_NONCE_TTL

protected static int ATTR_NONCE_TTL
Attribute index - The nonce time to live (in seconds)


catalog

protected RealmsCatalog catalog
The catalog of realms that make our scope.


rr_realm

protected ResourceReference rr_realm
Our associated realm.


loaded_realm

protected java.lang.String loaded_realm
The nam of the realm we cache in realm.


challenge

protected HttpChallenge challenge
The challenge to issue to any client for Digest Authentication.


nonce

protected java.lang.String nonce
The nonce value of the digest, changed every X mn


old_nonce

protected java.lang.String old_nonce
The previous nonce value of the digest, changed every X mn

Constructor Detail

DigestAuthFilter

public DigestAuthFilter()
Method Detail

acquireRealm

protected void acquireRealm()
Get a pointer to our realm, and initialize our ipmatcher.


checkRealm

protected boolean checkRealm()
Check that our realm does exist. Otherwise we are probably being initialized, and we don't authenticate yet.

Returns:
A boolean true if realm can be initialized.

getAllowedUsers

public java.lang.String[] getAllowedUsers()
Get the list of allowed users.


getAllowedGroups

public java.lang.String[] getAllowedGroups()
Get the list of allowed groups.


getAlgorithm

public java.lang.String getAlgorithm()
Get the algorithm used


lookupUser

public ResourceReference lookupUser(java.lang.String name)
Lookup a user by its name.

Parameters:
name - The user's name.
Returns:
An AuthUser instance, or null.

checkUser

protected boolean checkUser(AuthUser user)

setValue

public void setValue(int idx,
                     java.lang.Object value)
Catch set value on the realm, to maintain cached values.

Overrides:
setValue in class ResourceFrame
Parameters:
idx - The index of the attribute to modify.
value - The new attribute value.

authenticate

public void authenticate(Request request)
                  throws ProtocolException
Authenticate the given request. We first check for valid authentication information. If no authentication is provided, than we try to map the IP address to some of the ones we know about. If the IP address is not found, we challenge the client for a password.

If the IP address is found, than either our user entry requires an extra password step (in wich case we challenge it), or simple IP based authentication is enough, so we allow the request.

Overrides:
authenticate in class AuthFilter
Parameters:
request - The request to be authentified.
Throws:
ProtocolException - if authentication failed

outgoingFilter

public ReplyInterface outgoingFilter(RequestInterface request,
                                     ReplyInterface reply)
Add the appropriate cache control directives on the way back.

Overrides:
outgoingFilter in class AuthFilter
Parameters:
request - The request that has been processed.
reply - The original reply.
Returns:
Always null.

initialize

public void initialize(java.lang.Object[] values)
Initialize the filter.

Overrides:
initialize in class FramedResource
Parameters:
values - Default attribute values.