Class HttpDigestAuthProvider.Builder
- java.lang.Object
-
- io.helidon.security.providers.httpauth.HttpDigestAuthProvider.Builder
-
- All Implemented Interfaces:
Builder<HttpDigestAuthProvider>
,Supplier<HttpDigestAuthProvider>
- Enclosing class:
- HttpDigestAuthProvider
public static final class HttpDigestAuthProvider.Builder extends Object implements Builder<HttpDigestAuthProvider>
HttpDigestAuthProvider
fluent API builder.
-
-
Field Summary
Fields Modifier and Type Field Description static long
DEFAULT_DIGEST_NONCE_TIMEOUT
Default is 24 hours.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description HttpDigestAuthProvider.Builder
addDigestQop(HttpDigest.Qop qop)
Digest QOP to support.HttpDigestAuthProvider
build()
Build the instance from this builder.HttpDigestAuthProvider.Builder
config(Config config)
Update builder from configuration.HttpDigestAuthProvider.Builder
digestAlgorithm(HttpDigest.Algorithm algorithm)
Digest algorithm to use.HttpDigestAuthProvider.Builder
digestNonceTimeout(long duration, TimeUnit unit)
How long will the nonce value be valid.HttpDigestAuthProvider.Builder
digestServerSecret(char[] serverSecret)
The nonce is encrypted using this secret - to make sure the nonce we get back was generated by us and to make sure we can safely time-out nonce values.HttpDigestAuthProvider.Builder
noDigestQop()
Do not use qop in challenge (will fallback to legacy RFC-2069 instead of RFC-2617.HttpDigestAuthProvider.Builder
realm(String realm)
Set the realm to use when challenging users.HttpDigestAuthProvider.Builder
subjectType(SubjectType subjectType)
Principal type this provider extracts (and also propagates).HttpDigestAuthProvider.Builder
userStore(SecureUserStore store)
Set user store to obtain passwords and roles based on logins.
-
-
-
Field Detail
-
DEFAULT_DIGEST_NONCE_TIMEOUT
public static final long DEFAULT_DIGEST_NONCE_TIMEOUT
Default is 24 hours.- See Also:
- Constant Field Values
-
-
Method Detail
-
config
public HttpDigestAuthProvider.Builder config(Config config)
Update builder from configuration.- Parameters:
config
- to read configuration from, located on the node of the provider- Returns:
- updated builder instance
-
build
public HttpDigestAuthProvider build()
Description copied from interface:Builder
Build the instance from this builder.- Specified by:
build
in interfaceBuilder<HttpDigestAuthProvider>
- Returns:
- instance of the built type
-
subjectType
public HttpDigestAuthProvider.Builder subjectType(SubjectType subjectType)
Principal type this provider extracts (and also propagates).- Parameters:
subjectType
- type of principal- Returns:
- updated builder instance
-
userStore
public HttpDigestAuthProvider.Builder userStore(SecureUserStore store)
Set user store to obtain passwords and roles based on logins.- Parameters:
store
- User store to use- Returns:
- updated builder instance
-
realm
public HttpDigestAuthProvider.Builder realm(String realm)
Set the realm to use when challenging users.- Parameters:
realm
- security realm name to send to browser (or any other client) when unauthenticated- Returns:
- updated builder instance
-
digestAlgorithm
public HttpDigestAuthProvider.Builder digestAlgorithm(HttpDigest.Algorithm algorithm)
Digest algorithm to use.- Parameters:
algorithm
- Algorithm to use, default isHttpDigest.Algorithm.MD5
- Returns:
- updated builder instance
-
digestNonceTimeout
public HttpDigestAuthProvider.Builder digestNonceTimeout(long duration, TimeUnit unit)
How long will the nonce value be valid. When timed-out, browser will re-request username/password. Defaults toDEFAULT_DIGEST_NONCE_TIMEOUT
TimeUnit.MILLISECONDS
.- Parameters:
duration
- Duration valueunit
- Duration time unit- Returns:
- updated builder instance
-
digestServerSecret
public HttpDigestAuthProvider.Builder digestServerSecret(char[] serverSecret)
The nonce is encrypted using this secret - to make sure the nonce we get back was generated by us and to make sure we can safely time-out nonce values. This secret must be the same for all service instances (or all services that want to share the same authentication). Defaults to a random password - e.g. if deployed to multiple servers, the authentication WILL NOT WORK. You MUST provide your own password to work in a distributed environment with non-sticky load balancing.- Parameters:
serverSecret
- a password to encrypt our nonce values with- Returns:
- updated builder instance
-
addDigestQop
public HttpDigestAuthProvider.Builder addDigestQop(HttpDigest.Qop qop)
Digest QOP to support.- Parameters:
qop
- qop to add to list of supported qops- Returns:
- updated builder instance
-
noDigestQop
public HttpDigestAuthProvider.Builder noDigestQop()
Do not use qop in challenge (will fallback to legacy RFC-2069 instead of RFC-2617.- Returns:
- updated builder instance
-
-