Interface SecureUserStore.User

All Known Implementing Classes:
ConfigUserStore.ConfigUser
Enclosing interface:
SecureUserStore

public static interface SecureUserStore.User
Representation of a single user.
  • Method Summary

    Modifier and Type | Method | Description
    default Optional<String> | digestHa1(String realm, HttpDigest.Algorithm algorithm) | Deprecated, for removal: This API element is subject to removal in a future version. HTTP Digest authentication relies on obsolete MD5-based authentication and will be removed in a future version without replacement; to have a future-proof implementation of this interface, do not implement this method.
    boolean | isPasswordValid(char[] password) | Check if the password is valid.
    String | login() | Get login name.
    default Collection<String> | roles() | Get set of roles the user is in.
  • Method Details

    • login

      String login()
      Get login name.
      Returns:
      login of the user
    • isPasswordValid

      boolean isPasswordValid(char[] password)
      Check if the password is valid. Used by basic authentication.
      Parameters:
      password - password of the user as obtained via basic authentication
      Returns:
      true if password is valid for this user, false otherwise
    • roles

      default Collection<String> roles()
      Get set of roles the user is in.
      Returns:
      roles of this user (or empty if not supported).
    • digestHa1

      @Deprecated(since="4.5.0", forRemoval=true) default Optional<String> digestHa1(String realm, HttpDigest.Algorithm algorithm)
      Deprecated, for removal: This API element is subject to removal in a future version.
      HTTP Digest authentication relies on obsolete MD5-based authentication and will be removed in a future version without replacement; to have a future-proof implementation of this interface, do not implement this method.
      Digest authentication requires a hash of username, realm and password. Because the password should not be revealed by systems, this method provides the HA1 value (from Digest Auth terminology), computed from the known (public) information combined with the secret information available only to the user store (the password).

      ha1 algorithm (unq stands for "unquoted value")

          ha1 = md5(a1);
          a1 = unq(username-value) ":" unq(realm-value) ":" passwd
       
      Parameters:
      realm - configured realm
      algorithm - algorithm of the hash (currently only MD5 is supported by Helidon)
      Returns:
      a digest to use for validation of incoming request
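
Added example, not Helidon's own code: a `SecureUserStore.User` implementation that checks the basic-authentication password against a salted PBKDF2 hash using a constant-time comparison, and leaves the deprecated `digestHa1` unimplemented as the deprecation note advises. The class name `HashedUser`, the iteration count, and the import package are assumptions that do not come from this page.

```java
import io.helidon.security.providers.httpauth.SecureUserStore; // package assumed, not stated on this page

import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Collection;
import java.util.Set;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

/** Hypothetical user backed by a salted PBKDF2 hash; the clear-text password is never stored. */
public final class HashedUser implements SecureUserStore.User {
    private static final int ITERATIONS = 210_000; // assumed work factor, tune for your hardware
    private static final int KEY_BITS = 256;

    private final String login;
    private final byte[] salt;          // per-user random salt, generated at enrolment
    private final byte[] expectedHash;  // PBKDF2 output stored at enrolment
    private final Set<String> roles;

    public HashedUser(String login, byte[] salt, byte[] expectedHash, Set<String> roles) {
        this.login = login;
        this.salt = salt.clone();
        this.expectedHash = expectedHash.clone();
        this.roles = Set.copyOf(roles);
    }

    @Override public String login() { return login; }

    @Override public Collection<String> roles() { return roles; }

    @Override
    public boolean isPasswordValid(char[] password) {
        if (password == null || password.length == 0) {
            return false; // reject missing or empty credentials outright
        }
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            byte[] actual = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
            // Constant-time comparison: does not leak how many leading bytes matched.
            return MessageDigest.isEqual(expectedHash, actual);
        } catch (GeneralSecurityException e) {
            return false; // fail closed if the KDF is unavailable
        } finally {
            spec.clearPassword(); // wipe the spec's internal copy of the password
        }
    }
    // digestHa1 is deliberately not overridden. HA1 = md5(username:realm:passwd) can only be
    // produced from the clear-text password or a stored MD5 value, neither of which is kept here.
}
```

A store built this way cannot serve HTTP Digest clients, which matches the removal path described in the deprecation note.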