Package org.wildfly.security.http
Class HttpConstants
- java.lang.Object
-
- org.wildfly.security.http.HttpConstants
-
public class HttpConstants extends Object
Constants used within HTTP based authentication.- Author:
- Darran Lofthouse
-
-
Field Summary
Fields Modifier and Type Field Description static String
ACCEPT
static String
ALGORITHM
static String
AUTH
static String
AUTH_PARAM
static String
AUTHENTICATION_INFO
static String
AUTHORIZATION
static int
BAD_REQUEST
static String
BASIC_NAME
static String
BEARER_TOKEN
static Pattern
BEARER_TOKEN_PATTERN
Bearer token pattern.static String
CHARSET
static String
CLIENT_CERT_NAME
static String
CNONCE
static String
CONFIG_CONTEXT_PATH
static String
CONFIG_CREATE_NAME_GSS_INIT
This enables workaround for native GSS, where createName() needs to be called for correct GSSContext initialization.static String
CONFIG_DISABLE_RESTORE_SECURITY_IDENTITY
In clustered environment Security Identity is restored during failover, load balancer change node (not sticky behavior) and session passivation/activation.static String
CONFIG_ERROR_PAGE
The context relative path of the error page.static String
CONFIG_GSS_MANAGER
This allows aGSSManager
instance to be passed into the authentication mechanisms.static String
CONFIG_LOGIN_PAGE
The context relative path of the login page.static String
CONFIG_POST_LOCATION
This defines the location used by mechanisms dependent on the response to the challenge being sent in using 'POST'.static String
CONFIG_REALM
static String
CONFIG_SKIP_CERTIFICATE_VERIFICATION
static String
CONFIG_STATE_SCOPES
A comma separated list of scopes in preferred order the mechanism should attempt to use to persist state including the caching of any previously authenticated identity.static String
CONFIG_VALIDATE_DIGEST_URI
static String
DIGEST_NAME
static String
DIGEST_SHA256_NAME
static String
DIGEST_SHA512_256_NAME
static String
DISABLE_SESSION_ID_CHANGE
If set totrue
the SPNEGO and FORM authentication mechanisms will not change the session ID after a successful authentication.static String
DOMAIN
static String
ERROR
Errorsstatic String
ERROR_DESCRIPTION
static String
EXTERNAL_NAME
static String
FACES_REQUEST
static int
FORBIDDEN
static String
FORM_NAME
static int
FOUND
static String
HOST
static String
HTTP
static String
HTTPS
static String
INVALID_TOKEN
static String
LOCATION
static String
MD5
static String
NC
static String
NEGOTIATE
static String
NEXT_NONCE
static String
NO_TOKEN
static String
NONCE
static int
OK
static String
OPAQUE
static String
OPTIONS
static String
PARTIAL
static String
POST
static String
QOP
static String
REALM
static String
RESPONSE
static String
RSPAUTH
static String
SECURITY_IDENTITY
The property which holds the negotiated security identity after a successful HTTP server-side authentication.static int
SEE_OTHER
static String
SHA256
static String
SHA512_256
static String
SOAP_ACTION
static String
SPNEGO_NAME
static String
STALE
static String
STALE_TOKEN
static int
TEMPORARY_REDIRECT
static int
UNAUTHORIZED
static String
URI
static String
USERNAME
static String
USERNAME_STAR
static String
WWW_AUTHENTICATE
static String
X_REQUESTED_WITH
static String
XML_HTTP_REQUEST
-
-
-
Field Detail
-
SECURITY_IDENTITY
public static final String SECURITY_IDENTITY
The property which holds the negotiated security identity after a successful HTTP server-side authentication.- See Also:
- Constant Field Values
-
CONFIG_CONTEXT_PATH
public static final String CONFIG_CONTEXT_PATH
-
CONFIG_REALM
public static final String CONFIG_REALM
-
CONFIG_VALIDATE_DIGEST_URI
public static final String CONFIG_VALIDATE_DIGEST_URI
-
CONFIG_SKIP_CERTIFICATE_VERIFICATION
public static final String CONFIG_SKIP_CERTIFICATE_VERIFICATION
-
CONFIG_LOGIN_PAGE
public static final String CONFIG_LOGIN_PAGE
The context relative path of the login page.
-
CONFIG_ERROR_PAGE
public static final String CONFIG_ERROR_PAGE
The context relative path of the error page.
-
CONFIG_POST_LOCATION
public static final String CONFIG_POST_LOCATION
This defines the location used by mechanisms dependent on the response to the challenge being sent in using 'POST'.
-
CONFIG_GSS_MANAGER
public static final String CONFIG_GSS_MANAGER
This allows aGSSManager
instance to be passed into the authentication mechanisms.
-
CONFIG_CREATE_NAME_GSS_INIT
public static final String CONFIG_CREATE_NAME_GSS_INIT
This enables workaround for native GSS, where createName() needs to be called for correct GSSContext initialization. Set to "true" to call createName() as part of GSSContext initialization. This is workaround of JDK-8194073.
-
CONFIG_DISABLE_RESTORE_SECURITY_IDENTITY
public static final String CONFIG_DISABLE_RESTORE_SECURITY_IDENTITY
In clustered environment Security Identity is restored during failover, load balancer change node (not sticky behavior) and session passivation/activation. Set to "true" to disable this behavior.
-
CONFIG_STATE_SCOPES
public static final String CONFIG_STATE_SCOPES
A comma separated list of scopes in preferred order the mechanism should attempt to use to persist state including the caching of any previously authenticated identity. Accepted values are: -- CONNECTION
- SESSION
- SSL_SESSION
- NONE
-
DISABLE_SESSION_ID_CHANGE
public static final String DISABLE_SESSION_ID_CHANGE
If set totrue
the SPNEGO and FORM authentication mechanisms will not change the session ID after a successful authentication. Where set the web application should be configured to use cookies exclusively for session management.
-
ALGORITHM
public static final String ALGORITHM
- See Also:
- Constant Field Values
-
AUTH
public static final String AUTH
- See Also:
- Constant Field Values
-
AUTH_PARAM
public static final String AUTH_PARAM
- See Also:
- Constant Field Values
-
CHARSET
public static final String CHARSET
- See Also:
- Constant Field Values
-
CNONCE
public static final String CNONCE
- See Also:
- Constant Field Values
-
DOMAIN
public static final String DOMAIN
- See Also:
- Constant Field Values
-
NC
public static final String NC
- See Also:
- Constant Field Values
-
NEGOTIATE
public static final String NEGOTIATE
- See Also:
- Constant Field Values
-
NEXT_NONCE
public static final String NEXT_NONCE
- See Also:
- Constant Field Values
-
NONCE
public static final String NONCE
- See Also:
- Constant Field Values
-
PARTIAL
public static final String PARTIAL
- See Also:
- Constant Field Values
-
OPAQUE
public static final String OPAQUE
- See Also:
- Constant Field Values
-
QOP
public static final String QOP
- See Also:
- Constant Field Values
-
REALM
public static final String REALM
- See Also:
- Constant Field Values
-
RSPAUTH
public static final String RSPAUTH
- See Also:
- Constant Field Values
-
RESPONSE
public static final String RESPONSE
- See Also:
- Constant Field Values
-
STALE
public static final String STALE
- See Also:
- Constant Field Values
-
URI
public static final String URI
- See Also:
- Constant Field Values
-
USERNAME
public static final String USERNAME
- See Also:
- Constant Field Values
-
USERNAME_STAR
public static final String USERNAME_STAR
- See Also:
- Constant Field Values
-
XML_HTTP_REQUEST
public static final String XML_HTTP_REQUEST
- See Also:
- Constant Field Values
-
ACCEPT
public static final String ACCEPT
- See Also:
- Constant Field Values
-
AUTHENTICATION_INFO
public static final String AUTHENTICATION_INFO
- See Also:
- Constant Field Values
-
AUTHORIZATION
public static final String AUTHORIZATION
- See Also:
- Constant Field Values
-
FACES_REQUEST
public static final String FACES_REQUEST
- See Also:
- Constant Field Values
-
HOST
public static final String HOST
- See Also:
- Constant Field Values
-
LOCATION
public static final String LOCATION
- See Also:
- Constant Field Values
-
SOAP_ACTION
public static final String SOAP_ACTION
- See Also:
- Constant Field Values
-
WWW_AUTHENTICATE
public static final String WWW_AUTHENTICATE
- See Also:
- Constant Field Values
-
X_REQUESTED_WITH
public static final String X_REQUESTED_WITH
- See Also:
- Constant Field Values
-
ERROR
public static final String ERROR
Errors- See Also:
- Constant Field Values
-
ERROR_DESCRIPTION
public static final String ERROR_DESCRIPTION
- See Also:
- Constant Field Values
-
INVALID_TOKEN
public static final String INVALID_TOKEN
- See Also:
- Constant Field Values
-
STALE_TOKEN
public static final String STALE_TOKEN
- See Also:
- Constant Field Values
-
NO_TOKEN
public static final String NO_TOKEN
- See Also:
- Constant Field Values
-
BASIC_NAME
public static final String BASIC_NAME
- See Also:
- Constant Field Values
-
CLIENT_CERT_NAME
public static final String CLIENT_CERT_NAME
- See Also:
- Constant Field Values
-
DIGEST_NAME
public static final String DIGEST_NAME
- See Also:
- Constant Field Values
-
DIGEST_SHA256_NAME
public static final String DIGEST_SHA256_NAME
- See Also:
- Constant Field Values
-
DIGEST_SHA512_256_NAME
public static final String DIGEST_SHA512_256_NAME
- See Also:
- Constant Field Values
-
EXTERNAL_NAME
public static final String EXTERNAL_NAME
- See Also:
- Constant Field Values
-
FORM_NAME
public static final String FORM_NAME
- See Also:
- Constant Field Values
-
SPNEGO_NAME
public static final String SPNEGO_NAME
- See Also:
- Constant Field Values
-
BEARER_TOKEN
public static final String BEARER_TOKEN
- See Also:
- Constant Field Values
-
OK
public static final int OK
- See Also:
- Constant Field Values
-
FOUND
public static final int FOUND
- See Also:
- Constant Field Values
-
SEE_OTHER
public static final int SEE_OTHER
- See Also:
- Constant Field Values
-
TEMPORARY_REDIRECT
public static final int TEMPORARY_REDIRECT
- See Also:
- Constant Field Values
-
BAD_REQUEST
public static final int BAD_REQUEST
- See Also:
- Constant Field Values
-
UNAUTHORIZED
public static final int UNAUTHORIZED
- See Also:
- Constant Field Values
-
FORBIDDEN
public static final int FORBIDDEN
- See Also:
- Constant Field Values
-
POST
public static final String POST
- See Also:
- Constant Field Values
-
OPTIONS
public static final String OPTIONS
- See Also:
- Constant Field Values
-
MD5
public static final String MD5
- See Also:
- Constant Field Values
-
SHA256
public static final String SHA256
- See Also:
- Constant Field Values
-
SHA512_256
public static final String SHA512_256
- See Also:
- Constant Field Values
-
HTTP
public static final String HTTP
- See Also:
- Constant Field Values
-
HTTPS
public static final String HTTPS
- See Also:
- Constant Field Values
-
BEARER_TOKEN_PATTERN
public static final Pattern BEARER_TOKEN_PATTERN
Bearer token pattern. The Bearer token authorization header is of the form "Bearer", followed by optional whitespace, followed by the token itself, followed by optional whitespace. The token itself must be one or more characters and must not contain any whitespace.
-
-