Class BasicAuthorization

java.lang.Object
com.bfo.netkeystore.server.Authorization
com.bfo.netkeystore.server.BasicAuthorization

public class BasicAuthorization extends Authorization
An implementation of Authorization that supports "basic" authentication.
  • Constructor Details

    • BasicAuthorization

      public BasicAuthorization()
  • Method Details

    • type

      public String type()
      Returns "basic"
      Specified by:
      type in class Authorization
      Returns:
      the type
    • setServer

      public void setServer(Server server)
      Description copied from class: Authorization
      Set the Server this Authorization is working for
      Specified by:
      setServer in class Authorization
      Parameters:
      server - the server
    • matches

      public boolean matches(Principal principal, Credential credential)
      Description copied from class: Authorization
      Return true if the specified credential is usable by this user. This is a secondary test, applied in addition to the one built into the server, which checks the "users" property on each key. It could be extended, for example, to match the X.509 certificates on the key against the SSL client certificate. The default implementation always returns true.
      Specified by:
      matches in class Authorization
      Parameters:
      principal - the principal
      credential - the credential
      Returns:
      true if the key can be used by this principal
    • configure

      public void configure(Json config)
      The configuration should include a "users" list which contains zero or more objects with properties including "name", "plaintext" and "credentials".
      Specified by:
      configure in class Authorization
      Parameters:
      config - the server configuration
    • initialize

      public void initialize(HttpServer htserver, String prefix, Json info)
      Description copied from class: Authorization
      Initialize the HttpServer on startup.
      Specified by:
      initialize in class Authorization
      Parameters:
      htserver - the HttpServer to add methods or configure TLS authentication on
      prefix - the base prefix for any methods being added - typically this is something like "/csc/v1".
      info - a template for the info response, which can have values added to it - for example, adding "auth/login" to the "methods" list
    • authorize

      public Principal authorize(HttpExchange exchange) throws IOException
      Description copied from class: Authorization
      Authorize the HTTP exchange. Return the Principal if authorized and normal processing should continue, or null if this method has intercepted the exchange and sent a 401 error due to authorization failure.
      Specified by:
      authorize in class Authorization
      Parameters:
      exchange - the HttpExchange
      Returns:
      the Principal, which may be Authorization.ANONYMOUS, a JWT, an X500Principal or something else
      Throws:
      IOException - for IOException
    • logout

      protected void logout(JWT principal)
      Log out the specified user
      Parameters:
      principal - the principal
    • login

      protected JWT login(String userid, String password)
      Verify the user/password. If verified, return the list of credentials they can access, or null if they can access all of them. A custom implementation could override this method to use an external source for this data.
      Parameters:
      userid - the user
      password - the password
      Returns:
      the JWT representing the user, or null if the login details are invalid
      Throws:
      RuntimeException - if the login is invalid