public class

DigestAuthenticationEntryPoint

extends Object
implements InitializingBean Ordered AuthenticationEntryPoint
java.lang.Object
   ↳ org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint

Class Overview

Used by the SecurityEnforcementFilter to commence authentication via the DigestAuthenticationFilter.

The nonce sent back to the user agent will be valid for the period indicated by setNonceValiditySeconds(int). By default this is 300 seconds. Shorter times should be used if replay attacks are a major concern. Larger values can be used if performance is a greater concern. This class correctly presents the stale=true header when the nonce has expired, so properly implemented user agents will automatically renegotiate with a new nonce value (i.e. without presenting a new password dialog box to the user).

Summary

Public Constructors
DigestAuthenticationEntryPoint()
Public Methods
void afterPropertiesSet()
void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
Commences an authentication scheme.
String getKey()
int getNonceValiditySeconds()
int getOrder()
String getRealmName()
void setKey(String key)
void setNonceValiditySeconds(int nonceValiditySeconds)
void setOrder(int order)
void setRealmName(String realmName)
[Expand]
Inherited Methods
From class java.lang.Object
From interface org.springframework.beans.factory.InitializingBean
From interface org.springframework.core.Ordered
From interface org.springframework.security.web.AuthenticationEntryPoint

Public Constructors

public DigestAuthenticationEntryPoint ()

Public Methods

public void afterPropertiesSet ()

Throws
Exception

public void commence (HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)

Commences an authentication scheme.

ExceptionTranslationFilter will populate the HttpSession attribute named AbstractAuthenticationProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY with the requested target URL before calling this method.

Implementations should modify the headers on the ServletResponse as necessary to commence the authentication process.

Parameters
request that resulted in an AuthenticationException
response so that the user agent can begin authentication
authException that caused the invocation
Throws
IOException
ServletException

public String getKey ()

public int getNonceValiditySeconds ()

public int getOrder ()

public String getRealmName ()

public void setKey (String key)

public void setNonceValiditySeconds (int nonceValiditySeconds)

public void setOrder (int order)

public void setRealmName (String realmName)