Package | com.kaazing.gateway.client.security |
Class | public class ChallengeHandler |
Subclasses | BasicChallengeHandler, DispatchChallengeHandler, NegotiableChallengeHandler, NegotiateChallengeHandler |
When an attempt to access a protected URI is made, the server responsible for serving the resource
may respond with HTTP status code 401, indicating that credentials need be provided before access to the
resource is granted. The specific type of challenge is indicated in a HTTP header called "WWW-Authenticate".
This 401 response and that header are converted into a ChallengeRequest
and sent to a
registered ChallengeHandler for authentication challenge responses. The ChallengeResponse
credentials
generated by a registered challenge handler are included in a replay of the original HTTP request to the server, which
(assuming the credentials are sufficient) allows access to the resource.
Public subclasses of ChallengeHandler can be loaded and instantiated using ChallengeHandlers
,
and registered to handle server challenges for specific URI locations
using DispatchChallengeHandler.register()
.
Any 401 responses to requests matching the registered location may be handled by the registered ChallengeHandler
as long as canHandle()
returns true. In the case where multiple registered challenge handlers
could respond to a challenge request, the earliest challenge handler registered at the most specific location matching
the protected URI is selected.
See also
Method | Defined by | ||
---|---|---|---|
canHandle(challengeRequest:ChallengeRequest):Boolean
Can the presented challenge be potentially handled by this challenge handler?
| ChallengeHandler | ||
Handle the presented challenge by creating a challenge response future.
| ChallengeHandler |
canHandle | () | method |
public function canHandle(challengeRequest:ChallengeRequest):Boolean
Can the presented challenge be potentially handled by this challenge handler?
ParameterschallengeRequest:ChallengeRequest — a challenge request object containing a challenge
|
Boolean — true iff this challenge handler could potentially respond meaningfully to the challenge.
|
handle | () | method |
public function handle(challengeRequest:ChallengeRequest, callback:Function):ChallengeResponseFuture
Handle the presented challenge by creating a challenge response future. When the future is fulfilled, the callback function will be called, and the challenge resposne processed appropriately.
By default, the implementation of this method fulfills the future using a
null
challenge response, triggering the callback and failing authentication.
challengeRequest:ChallengeRequest — a challenge object
|
|
callback:Function — a void function that is called when the challenge request handling is completed.
|
ChallengeResponseFuture —
a challenge response future object.
|
See also