Class HttpDigestAuthProvider.Builder
- java.lang.Object
-
- io.helidon.security.providers.httpauth.HttpDigestAuthProvider.Builder
-
- All Implemented Interfaces:
Builder<HttpDigestAuthProvider>,Supplier<HttpDigestAuthProvider>
- Enclosing class:
- HttpDigestAuthProvider
public static final class HttpDigestAuthProvider.Builder extends Object implements Builder<HttpDigestAuthProvider>
HttpDigestAuthProviderfluent API builder.
-
-
Field Summary
Fields Modifier and Type Field Description static longDEFAULT_DIGEST_NONCE_TIMEOUTDefault is 24 hours.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description HttpDigestAuthProvider.BuilderaddDigestQop(HttpDigest.Qop qop)Digest QOP to support.HttpDigestAuthProviderbuild()Build the instance from this builder.HttpDigestAuthProvider.Builderconfig(Config config)Update builder from configuration.HttpDigestAuthProvider.BuilderdigestAlgorithm(HttpDigest.Algorithm algorithm)Digest algorithm to use.HttpDigestAuthProvider.BuilderdigestNonceTimeout(long duration, TimeUnit unit)How long will the nonce value be valid.HttpDigestAuthProvider.BuilderdigestServerSecret(char[] serverSecret)The nonce is encrypted using this secret - to make sure the nonce we get back was generated by us and to make sure we can safely time-out nonce values.HttpDigestAuthProvider.BuildernoDigestQop()Do not use qop in challenge (will fallback to legacy RFC-2069 instead of RFC-2617.HttpDigestAuthProvider.Builderoptional(boolean optional)Whether authentication is required.HttpDigestAuthProvider.Builderrealm(String realm)Set the realm to use when challenging users.HttpDigestAuthProvider.BuildersubjectType(SubjectType subjectType)Principal type this provider extracts (and also propagates).HttpDigestAuthProvider.BuilderuserStore(SecureUserStore store)Set user store to obtain passwords and roles based on logins.
-
-
-
Field Detail
-
DEFAULT_DIGEST_NONCE_TIMEOUT
public static final long DEFAULT_DIGEST_NONCE_TIMEOUT
Default is 24 hours.- See Also:
- Constant Field Values
-
-
Method Detail
-
config
public HttpDigestAuthProvider.Builder config(Config config)
Update builder from configuration.- Parameters:
config- to read configuration from, located on the node of the provider- Returns:
- updated builder instance
-
build
public HttpDigestAuthProvider build()
Description copied from interface:BuilderBuild the instance from this builder.- Specified by:
buildin interfaceBuilder<HttpDigestAuthProvider>- Returns:
- instance of the built type
-
subjectType
public HttpDigestAuthProvider.Builder subjectType(SubjectType subjectType)
Principal type this provider extracts (and also propagates).- Parameters:
subjectType- type of principal- Returns:
- updated builder instance
-
userStore
public HttpDigestAuthProvider.Builder userStore(SecureUserStore store)
Set user store to obtain passwords and roles based on logins.- Parameters:
store- User store to use- Returns:
- updated builder instance
-
optional
public HttpDigestAuthProvider.Builder optional(boolean optional)
Whether authentication is required. By default, request will fail if the authentication cannot be verified. If set to false, request will process and this provider will abstain.- Parameters:
optional- whether authentication is optional (true) or required (false)- Returns:
- updated builder instance
-
realm
public HttpDigestAuthProvider.Builder realm(String realm)
Set the realm to use when challenging users.- Parameters:
realm- security realm name to send to browser (or any other client) when unauthenticated- Returns:
- updated builder instance
-
digestAlgorithm
public HttpDigestAuthProvider.Builder digestAlgorithm(HttpDigest.Algorithm algorithm)
Digest algorithm to use.- Parameters:
algorithm- Algorithm to use, default isHttpDigest.Algorithm.MD5- Returns:
- updated builder instance
-
digestNonceTimeout
public HttpDigestAuthProvider.Builder digestNonceTimeout(long duration, TimeUnit unit)
How long will the nonce value be valid. When timed-out, browser will re-request username/password. Defaults toDEFAULT_DIGEST_NONCE_TIMEOUTTimeUnit.MILLISECONDS.- Parameters:
duration- Duration valueunit- Duration time unit- Returns:
- updated builder instance
-
digestServerSecret
public HttpDigestAuthProvider.Builder digestServerSecret(char[] serverSecret)
The nonce is encrypted using this secret - to make sure the nonce we get back was generated by us and to make sure we can safely time-out nonce values. This secret must be the same for all service instances (or all services that want to share the same authentication). Defaults to a random password - e.g. if deployed to multiple servers, the authentication WILL NOT WORK. You MUST provide your own password to work in a distributed environment with non-sticky load balancing.- Parameters:
serverSecret- a password to encrypt our nonce values with- Returns:
- updated builder instance
-
addDigestQop
public HttpDigestAuthProvider.Builder addDigestQop(HttpDigest.Qop qop)
Digest QOP to support.- Parameters:
qop- qop to add to list of supported qops- Returns:
- updated builder instance
-
noDigestQop
public HttpDigestAuthProvider.Builder noDigestQop()
Do not use qop in challenge (will fallback to legacy RFC-2069 instead of RFC-2617.- Returns:
- updated builder instance
-
-