See: Description
Class | Description |
---|---|
DigestAuthentication |
Utility class with high-level methods for parsing challenges and generating responses.
|
DigestChallenge |
Represents a HTTP digest challenge, as sent from the server to the client in a
WWW-Authenticate HTTP header. |
DigestChallengeResponse |
Represents a HTTP digest challenge response, as sent from the client to the server in a
Authorization header. |
WwwAuthenticateHeader |
Class for extracting challenges from
WWW-Authenticate headers. |
Enum | Description |
---|---|
DigestChallenge.QualityOfProtection |
Enumeration of the various types of quality of protection.
|
Exception | Description |
---|---|
ChallengeParseException |
Indicates that a
WWW-Authenticate header or challenge could not be parsed because it
is malformed. |
InsufficientInformationException |
Indicates that not enough information has been provided to perform the requested operation.
|
Here is an example of how to make a request and respond to a Digest challenge:
// Step 1. Create the connection URL url = new URL("http://httpbin.org/digest-auth/auth/user/passwd"); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); // Step 2. Make the request and check to see if the response contains an authorization challenge if (connection.getResponseCode() == HttpURLConnection.HTTP_UNAUTHORIZED) { // Step 3. Create a authentication object from the challenge... DigestAuthentication auth = DigestAuthentication.fromResponse(connection); // ...with correct credentials auth.username("user").password("passwd"); // Step 4 (Optional). Check if the challenge was a digest challenge of a supported type if (!auth.canRespond()) { // No digest challenge or a challenge of an unsupported type - do something else or fail return; } // Step 5. Create a new connection, identical to the original one... connection = (HttpURLConnection) url.openConnection(); // ...and set the Authorization header on the request, with the challenge response connection.setRequestProperty(DigestChallengeResponse.HTTP_HEADER_AUTHORIZATION, auth.getAuthorizationForRequest("GET", connection.getURL().getPath())); }
DigestAuthentication
is the main entry point of the API,
read the documentation for more examples. Some other useful classes include:
WwwAuthenticateHeader
which can be used to parse
challenges from WWW-Authenticate headers, including challenges of other types than Digest.DigestChallenge
which provides functionality for
parsing digest challenges.DigestChallengeResponse
which provides functionality
for generating responses to digest challenges.