Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.unboundid.scim.sdk
Class PreemptiveAuthInterceptor

java.lang.Object
  extended by com.unboundid.scim.sdk.PreemptiveAuthInterceptor
All Implemented Interfaces:
org.apache.http.HttpRequestInterceptor
public class PreemptiveAuthInterceptor
extends Object
implements org.apache.http.HttpRequestInterceptor

This class can be used to configure the Apache Http Client for preemptive authentication. In this mode, the client will send the basic authentication response even before the server gives an unauthorized response in certain situations. This reduces the overhead of making requests over authenticated connections. This behavior conforms to RFC2617: A client MAY preemptively send the corresponding Authorization header with requests for resources in that space without receipt of another challenge from the server. Similarly, when a client sends a request to a proxy, it may reuse a userid and password in the Proxy-Authorization header field without receiving another challenge from the proxy server. The Apache Http Client does not support preemptive authentication out of the box, because if misused or used incorrectly the preemptive authentication can lead to significant security issues, such as sending user credentials in clear text to an unauthorized third party.

Constructor Summary
PreemptiveAuthInterceptor(org.apache.http.auth.AuthScheme authScheme, org.apache.http.auth.Credentials credentials)
          Constructs a new PreemptiveAuthInterceptor.
 
Method Summary
 void process(org.apache.http.HttpRequest request, org.apache.http.protocol.HttpContext context)
          
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PreemptiveAuthInterceptor

public PreemptiveAuthInterceptor(org.apache.http.auth.AuthScheme authScheme,
                                 org.apache.http.auth.Credentials credentials)
Constructs a new PreemptiveAuthInterceptor. It is important that this is added as the first request interceptor in the chain. You can do this by making sure the second parameter is zero when adding the interceptor:

httpClient.addRequestInterceptor( new PreemptiveAuthInterceptor(new BasicScheme(), credentials), 0);

Parameters:
authScheme - The AuthScheme to use. This may not be null.
credentials - The Credentials to use. This may not be null.
Method Detail

process

public void process(org.apache.http.HttpRequest request,
                    org.apache.http.protocol.HttpContext context)
             throws org.apache.http.HttpException,
                    IOException

Specified by:
process in interface org.apache.http.HttpRequestInterceptor
Throws:
org.apache.http.HttpException
IOException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2011-2012 UnboundID. All Rights Reserved.