Detailed Description
This class implements HTTP Basic, HTTP Digest, and Form-Based Authentication.
The Authentication class, which implements all authentication methods in the server, is very useful in a mixed client environment. A limitation with Basic and Digest authentication is that the pop-up window presented by the browser is not user friendly. Consequently, it is common to use a customizable HTML user interface for login. A non-browser client such as a C program, a Java program, or a Python script will usually not be able to display a HTML based login user interface. For this reason, it is recommended to use Basic or Digest authentication for non-browser clients.
The Authentication class makes it possible for the client to decide on the authentication method used. The default authentication is a "form login" and will automatically be used by a HTML browser interface.
A non-HTML client can force the authentication to be one of Basic or Digest by explicitly setting the "Authorization" HTTP header. An instance of the Authentication class analyzes the "Authorization" HTTP header and forwards the request to one of Basic, Digest, or form based login classes. A non-authenticated user requesting a resource without an "Authorization" header is forwarded to the form login class.
It is very simple to use the Authentication class if you use a client HTTP library that automatically handles Digest and/or Basic authentication. You simply set the header to one of Basic or Digest and leave the implementation details to the client HTTP library.
Forcing the login to be Basic or Digest from a client using a client HTTP library:
setHttpHeader("PrefAuth", "Basic"); /* force basic authentication */
setHttpHeader("PrefAuth", "Digest"); /* force digest authentication */
Other uses for the Authentication class include use of Digest authentication for clients that can properly handle Digest authentication and use of Basic authentication for clients that cannot properly handle or do not implement Digest authentication.
#include <Authenticator.h>
Public Member Functions | |
| Authenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin) | |
| void | setLoginTracker (LoginTracker *tracker) |
| Prevent dictionary attacks. More... | |
| BasicAuthenticator * | getBasicAuthenticator () |
| Get the internal BasicAuthenticator. | |
| DigestAuthenticator * | getDigestAuthenticator () |
| Get the internal DigestAuthenticator. | |
| FormAuthenticator * | getFormAuthenticator () |
| Get the internal FormAuthenticator. | |
 Public Member Functions inherited from AuthenticatorIntf | |
| AuthenticatorIntf (AuthenticatorIntf_Authenticate authenticate) | |
| The constructor is used by one of the BasicAuthenticator, DigestAuthenticator or FormAuthenticator constructors. | |
| AuthenticatedUser * | authenticate (const char *relPath, HttpCommand *cmd) |
| Authenticate the user. More... | |