Module io.helidon.security.providers.httpauth
Package io.helidon.security.providers.httpauth

Class HttpDigestAuthProvider.Builder

java.lang.Object
io.helidon.security.providers.httpauth.HttpDigestAuthProvider.Builder
All Implemented Interfaces:
Builder<HttpDigestAuthProvider.Builder,HttpDigestAuthProvider>, Supplier<HttpDigestAuthProvider>
Enclosing class:
HttpDigestAuthProvider
@Deprecated(since="4.5.0", forRemoval=true) public static final class HttpDigestAuthProvider.Builder extends Object implements Builder<HttpDigestAuthProvider.Builder,HttpDigestAuthProvider>
Deprecated, for removal: This API element is subject to removal in a future version.
HTTP Digest authentication relies on obsolete MD5-based authentication and will be removed in a future version without replacement
HttpDigestAuthProvider fluent API builder.

  • Field Details

    • DEFAULT_DIGEST_NONCE_TIMEOUT

      public static final long DEFAULT_DIGEST_NONCE_TIMEOUT
      Deprecated, for removal: This API element is subject to removal in a future version.
      Default is 24 hours.
      See Also:

  • Method Details

    • config

      @Deprecated(since="4.4.0", forRemoval=true) public HttpDigestAuthProvider.Builder config(Config config)
      Deprecated, for removal: This API element is subject to removal in a future version.
      use config(io.helidon.config.Config) instead
      Update builder from configuration.
      Parameters:
      config - to read configuration from, located on the node of the provider
      Returns:
      updated builder instance

    • config

      public HttpDigestAuthProvider.Builder config(Config config)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Update builder from configuration.
      Parameters:
      config - to read configuration from, located on the node of the provider
      Returns:
      updated builder instance

    • build

      public HttpDigestAuthProvider build()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Description copied from interface: Builder
      Build the instance from this builder.
      Specified by:
      build in interface Builder<HttpDigestAuthProvider.Builder,HttpDigestAuthProvider>
      Returns:
      instance of the built type

    • subjectType

      public HttpDigestAuthProvider.Builder subjectType(SubjectType subjectType)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Principal type this provider extracts (and also propagates).
      Parameters:
      subjectType - type of principal
      Returns:
      updated builder instance

    • userStore

      public HttpDigestAuthProvider.Builder userStore(SecureUserStore store)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Set user store to obtain passwords and roles based on logins.
      Parameters:
      store - User store to use
      Returns:
      updated builder instance

    • optional

      public HttpDigestAuthProvider.Builder optional(boolean optional)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Whether authentication is required. By default, request will fail if the authentication cannot be verified. If set to false, request will process and this provider will abstain.
      Parameters:
      optional - whether authentication is optional (true) or required (false)
      Returns:
      updated builder instance

    • realm

      public HttpDigestAuthProvider.Builder realm(String realm)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Set the realm to use when challenging users.
      Parameters:
      realm - security realm name to send to browser (or any other client) when unauthenticated
      Returns:
      updated builder instance

    • digestAlgorithm

      public HttpDigestAuthProvider.Builder digestAlgorithm(HttpDigest.Algorithm algorithm)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Digest algorithm to use.
      Parameters:
      algorithm - Algorithm to use, default is HttpDigest.Algorithm.MD5
      Returns:
      updated builder instance

    • digestNonceTimeout

      public HttpDigestAuthProvider.Builder digestNonceTimeout(long duration, TimeUnit unit)
      Deprecated, for removal: This API element is subject to removal in a future version.
      How long will the nonce value be valid. When timed-out, browser will re-request username/password. Defaults to DEFAULT_DIGEST_NONCE_TIMEOUT TimeUnit.MILLISECONDS.
      Parameters:
      duration - Duration value
      unit - Duration time unit
      Returns:
      updated builder instance

    • digestServerSecret

      public HttpDigestAuthProvider.Builder digestServerSecret(char[] serverSecret)
      Deprecated, for removal: This API element is subject to removal in a future version.
      The nonce is encrypted using this secret - to make sure the nonce we get back was generated by us and to make sure we can safely time-out nonce values. This secret must be the same for all service instances (or all services that want to share the same authentication). Defaults to a random password - e.g. if deployed to multiple servers, the authentication WILL NOT WORK. You MUST provide your own password to work in a distributed environment with non-sticky load balancing.
      Parameters:
      serverSecret - a password to encrypt our nonce values with
      Returns:
      updated builder instance

    • addDigestQop

      public HttpDigestAuthProvider.Builder addDigestQop(HttpDigest.Qop qop)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Digest QOP to support.
      Parameters:
      qop - qop to add to list of supported qops
      Returns:
      updated builder instance

    • noDigestQop

      public HttpDigestAuthProvider.Builder noDigestQop()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Do not use qop in challenge (will fallback to legacy RFC-2069 instead of RFC-2617.
      Returns:
      updated builder instance