Class HttpDigestAuthProvider.Builder
java.lang.Object
io.helidon.security.providers.httpauth.HttpDigestAuthProvider.Builder
- All Implemented Interfaces:
Builder<HttpDigestAuthProvider.Builder,
,HttpDigestAuthProvider> Supplier<HttpDigestAuthProvider>
- Enclosing class:
- HttpDigestAuthProvider
public static final class HttpDigestAuthProvider.Builder
extends Object
implements Builder<HttpDigestAuthProvider.Builder,HttpDigestAuthProvider>
HttpDigestAuthProvider
fluent API builder.-
Field Summary
Modifier and TypeFieldDescriptionstatic final long
Default is 24 hours. -
Method Summary
Modifier and TypeMethodDescriptionDigest QOP to support.build()
Build the instance from this builder.Update builder from configuration.digestAlgorithm
(HttpDigest.Algorithm algorithm) Digest algorithm to use.digestNonceTimeout
(long duration, TimeUnit unit) How long will the nonce value be valid.digestServerSecret
(char[] serverSecret) The nonce is encrypted using this secret - to make sure the nonce we get back was generated by us and to make sure we can safely time-out nonce values.Do not use qop in challenge (will fallback to legacy RFC-2069 instead of RFC-2617.optional
(boolean optional) Whether authentication is required.Set the realm to use when challenging users.subjectType
(SubjectType subjectType) Principal type this provider extracts (and also propagates).userStore
(SecureUserStore store) Set user store to obtain passwords and roles based on logins.
-
Field Details
-
DEFAULT_DIGEST_NONCE_TIMEOUT
public static final long DEFAULT_DIGEST_NONCE_TIMEOUTDefault is 24 hours.- See Also:
-
-
Method Details
-
config
Update builder from configuration.- Parameters:
config
- to read configuration from, located on the node of the provider- Returns:
- updated builder instance
-
build
Description copied from interface:Builder
Build the instance from this builder.- Specified by:
build
in interfaceBuilder<HttpDigestAuthProvider.Builder,
HttpDigestAuthProvider> - Returns:
- instance of the built type
-
subjectType
Principal type this provider extracts (and also propagates).- Parameters:
subjectType
- type of principal- Returns:
- updated builder instance
-
userStore
Set user store to obtain passwords and roles based on logins.- Parameters:
store
- User store to use- Returns:
- updated builder instance
-
optional
Whether authentication is required. By default, request will fail if the authentication cannot be verified. If set to false, request will process and this provider will abstain.- Parameters:
optional
- whether authentication is optional (true) or required (false)- Returns:
- updated builder instance
-
realm
Set the realm to use when challenging users.- Parameters:
realm
- security realm name to send to browser (or any other client) when unauthenticated- Returns:
- updated builder instance
-
digestAlgorithm
Digest algorithm to use.- Parameters:
algorithm
- Algorithm to use, default isHttpDigest.Algorithm.MD5
- Returns:
- updated builder instance
-
digestNonceTimeout
How long will the nonce value be valid. When timed-out, browser will re-request username/password. Defaults toDEFAULT_DIGEST_NONCE_TIMEOUT
TimeUnit.MILLISECONDS
.- Parameters:
duration
- Duration valueunit
- Duration time unit- Returns:
- updated builder instance
-
digestServerSecret
The nonce is encrypted using this secret - to make sure the nonce we get back was generated by us and to make sure we can safely time-out nonce values. This secret must be the same for all service instances (or all services that want to share the same authentication). Defaults to a random password - e.g. if deployed to multiple servers, the authentication WILL NOT WORK. You MUST provide your own password to work in a distributed environment with non-sticky load balancing.- Parameters:
serverSecret
- a password to encrypt our nonce values with- Returns:
- updated builder instance
-
addDigestQop
Digest QOP to support.- Parameters:
qop
- qop to add to list of supported qops- Returns:
- updated builder instance
-
noDigestQop
Do not use qop in challenge (will fallback to legacy RFC-2069 instead of RFC-2617.- Returns:
- updated builder instance
-