Package uk.ac.starlink.auth
The main user-visible class of this package is
AuthManager
.
In general there is one user-visible instance of this class,
obtained from AuthManager.getInstance()
,
and its openStream
method can be used as a drop-in replacement for
URL.openStream()
;
other methods are available for more nuanced HTTP interactions.
If this is done, when a resource is encountered which issues a
401 or 403 challenge of a recognised type, the user will be queried
for credentials, which are used to acquire the resource in question,
and also for subsequent resources from the same domain, so that
multiple logins to the same domain are not required.
Some details about the above outline:
- The meaning of the term "domain" is dependent on the authentication scheme in use.
- The authentication schemes are recognised according to the
WWW-Authenticate
challenge headers accompanying an HTTP response (typcally, though not necessarily, 401/403). These recognised schemes are implementations of theAuthScheme
interface, of which several are provided, and of which a list may be configured on theAuthManager
. - The nature of the query to the user is determined by the
UserInterface
implementation installed on the AuthManager (seeAuthManager.setUserInterface
).
This package relies on VO standards that are still under discussion. The behaviour and user interface may change in future releases, and at time of writing not all data services that require or offer authentication advertise it in a way that AUTH can work with. It is hoped that authentication interoperability will improve in future versions of this library and of server-side software.
This package has no external dependencies, and may, depending on user demand, be released in future as a standalone package.
- Since:
- 31 Oct 2023
- Author:
- Mark Taylor
-
ClassDescriptionAggregates a URLConnection and the AuthContext used to make the connection.An object which is capable of manipulating HTTP connections to add required authentication information.Manages authentication.Represents an RFC7235 authentication scheme.Characterises the authentication associated with a connection.Enumerates different types of authentication available for a connection.Utilities used by authentication classes.Exception indicating that an authentication challenge is badly formed, for instance missing parameters required by the scheme to which it is supposed to conform.Implements HTTP Basic Authentication as defined in RFC7617.IvoaAuthScheme concrete subclass for working with bearer tokens.Represents and parses challenge specifications as defined by RFC7235.Simple abstraction of MIME type.Contains configuration for creating AuthContext objects from user credentials.IvoaAuthScheme concrete subclass for working with cookies.Partial AuthScheme implementation for standard SSO challenges.Knows how to acquire specific authentication information from an open URL connection.Provides SSO-compliant implementations of LoginProtocol.Defines a way to present credentials for the purpose of subsequent access to a service.Protection Space is a concept defined in RFC7235, aggregating the canonical root URI and an optional realm.Defines how HTTP 3xx redirects are handled.Defines how a connection is obtained from a URL.Abstraction via which authentication classes can acquire credentials from the user.Aggregates a username and password.IvoaAuthScheme concrete subclass for working with X509 certificates.