/*
 * ====================================================================
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 *
 */
package org.apache.http.impl.auth;

import org.apache.http.Header;
import org.apache.http.HttpRequest;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.Credentials;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.Args;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.Oid;

KERBEROS authentication scheme.
Since:4.2
/** * KERBEROS authentication scheme. * * @since 4.2 */
public class KerberosScheme extends GGSSchemeBase { private static final String KERBEROS_OID = "1.2.840.113554.1.2.2";
Since:4.4
/** * @since 4.4 */
public KerberosScheme(final boolean stripPort, final boolean useCanonicalHostname) { super(stripPort, useCanonicalHostname); } public KerberosScheme(final boolean stripPort) { super(stripPort); } public KerberosScheme() { super(); } @Override public String getSchemeName() { return "Kerberos"; }
Produces KERBEROS authorization Header based on token created by processChallenge.
Params:
  • credentials – not used by the KERBEROS scheme.
  • request – The request being authenticated
Throws:
Returns:KERBEROS authentication Header
/** * Produces KERBEROS authorization Header based on token created by * processChallenge. * * @param credentials not used by the KERBEROS scheme. * @param request The request being authenticated * * @throws AuthenticationException if authentication string cannot * be generated due to an authentication failure * * @return KERBEROS authentication Header */
@Override public Header authenticate( final Credentials credentials, final HttpRequest request, final HttpContext context) throws AuthenticationException { return super.authenticate(credentials, request, context); } @Override @SuppressWarnings("deprecation") protected byte[] generateToken(final byte[] input, final String authServer) throws GSSException { return super.generateToken(input, authServer); } @Override protected byte[] generateToken(final byte[] input, final String authServer, final Credentials credentials) throws GSSException { return generateGSSToken(input, new Oid(KERBEROS_OID), authServer, credentials); }
There are no valid parameters for KERBEROS authentication so this method always returns null.
Returns:null
/** * There are no valid parameters for KERBEROS authentication so this * method always returns {@code null}. * * @return {@code null} */
@Override public String getParameter(final String name) { Args.notNull(name, "Parameter name"); return null; }
The concept of an authentication realm is not supported by the Negotiate authentication scheme. Always returns null.
Returns:null
/** * The concept of an authentication realm is not supported by the Negotiate * authentication scheme. Always returns {@code null}. * * @return {@code null} */
@Override public String getRealm() { return null; }
Returns true. KERBEROS authentication scheme is connection based.
Returns:true.
/** * Returns {@code true}. KERBEROS authentication scheme is connection based. * * @return {@code true}. */
@Override public boolean isConnectionBased() { return true; } }