Package io.helidon.security.providers.httpauth

Interface UserStore.User

    • Method Detail

      • password

        char[] password()
        Get password of the user. The password must be provided in clear text, as we may need to create a digest based on the password and other (variable) values for digest authentication.
        Returns:
        password

      • isPasswordValid

        default boolean isPasswordValid​(char[] password)
        Description copied from interface: SecureUserStore.User
        Check if the password is valid. Used by basic authentication.
        Specified by:
        isPasswordValid in interface SecureUserStore.User
        Parameters:
        password - password of the user as obtained via basic authentication
        Returns:
        true if password is valid for this user, false otherwise

      • digestHa1

        default Optional<String> digestHa1​(String realm,
                                   HttpDigest.Algorithm algorithm)
        Description copied from interface: SecureUserStore.User
        Digest authentication requires a hash of username, realm and password. As password should not be revealed by systems, this is to provide the HA1 (from Digest Auth terminology) based on the known (public) information combined with the secret information available to user store only (password).

        ha1 algorithm (unq stands for "unquoted value") 

            ha1 = md5(a1);
    a1 = unq(username-value) ":" unq(realm-value) ":" passwd
        Specified by:
        digestHa1 in interface SecureUserStore.User
        Parameters:
        realm - configured realm
        algorithm - algorithm of the hash (current only MD5 supported by Helidon)
        Returns:
        a digest to use for validation of incoming request