Package org.wildfly.security.http
Class HttpConstants
- java.lang.Object
-
- org.wildfly.security.http.HttpConstants
-
public class HttpConstants extends Object
Constants used within HTTP based authentication.- Author:
- Darran Lofthouse
-
-
Field Summary
Fields Modifier and Type Field Description static StringACCEPTstatic StringALGORITHMstatic StringAUTHstatic StringAUTH_PARAMstatic StringAUTHENTICATION_INFOstatic StringAUTHORIZATIONstatic intBAD_REQUESTstatic StringBASIC_NAMEstatic StringBEARER_TOKENstatic PatternBEARER_TOKEN_PATTERNBearer token pattern.static StringCHARSETstatic StringCLIENT_CERT_NAMEstatic StringCNONCEprivate static StringCONFIG_BASEstatic StringCONFIG_CONTEXT_PATHstatic StringCONFIG_CREATE_NAME_GSS_INITThis enables workaround for native GSS, where createName() needs to be called for correct GSSContext initialization.static StringCONFIG_DISABLE_RESTORE_SECURITY_IDENTITYIn clustered environment Security Identity is restored during failover, load balancer change node (not sticky behavior) and session passivation/activation.static StringCONFIG_ERROR_PAGEThe context relative path of the error page.static StringCONFIG_GSS_MANAGERThis allows aGSSManagerinstance to be passed into the authentication mechanisms.static StringCONFIG_LOGIN_PAGEThe context relative path of the login page.static StringCONFIG_POST_LOCATIONThis defines the location used by mechanisms dependent on the response to the challenge being sent in using 'POST'.static StringCONFIG_REALMstatic StringCONFIG_SKIP_CERTIFICATE_VERIFICATIONstatic StringCONFIG_STATE_SCOPESA comma separated list of scopes in preferred order the mechanism should attempt to use to persist state including the caching of any previously authenticated identity.static StringCONFIG_VALIDATE_DIGEST_URIstatic StringDIGEST_NAMEstatic StringDIGEST_SHA256_NAMEstatic StringDIGEST_SHA512_256_NAMEstatic StringDISABLE_SESSION_ID_CHANGEIf set totruethe SPNEGO and FORM authentication mechanisms will not change the session ID after a successful authentication.static StringDOMAINstatic StringERRORErrorsstatic StringERROR_DESCRIPTIONstatic StringEXTERNAL_NAMEstatic StringFACES_REQUESTstatic intFORBIDDENstatic StringFORM_NAMEstatic intFOUNDstatic StringHOSTstatic StringHTTPstatic StringHTTPSstatic StringINVALID_TOKENstatic StringLOCATIONstatic StringMD5static StringNCstatic StringNEGOTIATEstatic StringNEXT_NONCEstatic StringNO_TOKENstatic StringNONCEstatic intOKstatic StringOPAQUEstatic StringOPTIONSstatic StringPARTIALstatic StringPOSTstatic StringQOPstatic StringREALMstatic StringRESPONSEstatic StringRSPAUTHstatic StringSECURITY_IDENTITYThe property which holds the negotiated security identity after a successful HTTP server-side authentication.static intSEE_OTHERstatic StringSHA256static StringSHA512_256static StringSOAP_ACTIONstatic StringSPNEGO_NAMEstatic StringSTALEstatic StringSTALE_TOKENstatic intTEMPORARY_REDIRECTstatic intUNAUTHORIZEDstatic StringURIstatic StringUSERNAMEstatic StringUSERNAME_STARstatic StringWWW_AUTHENTICATEstatic StringX_REQUESTED_WITHstatic StringXML_HTTP_REQUEST
-
Constructor Summary
Constructors Modifier Constructor Description privateHttpConstants()
-
-
-
Field Detail
-
SECURITY_IDENTITY
public static final String SECURITY_IDENTITY
The property which holds the negotiated security identity after a successful HTTP server-side authentication.- See Also:
- Constant Field Values
-
CONFIG_BASE
private static final String CONFIG_BASE
-
CONFIG_CONTEXT_PATH
public static final String CONFIG_CONTEXT_PATH
-
CONFIG_REALM
public static final String CONFIG_REALM
-
CONFIG_VALIDATE_DIGEST_URI
public static final String CONFIG_VALIDATE_DIGEST_URI
-
CONFIG_SKIP_CERTIFICATE_VERIFICATION
public static final String CONFIG_SKIP_CERTIFICATE_VERIFICATION
-
CONFIG_LOGIN_PAGE
public static final String CONFIG_LOGIN_PAGE
The context relative path of the login page.
-
CONFIG_ERROR_PAGE
public static final String CONFIG_ERROR_PAGE
The context relative path of the error page.
-
CONFIG_POST_LOCATION
public static final String CONFIG_POST_LOCATION
This defines the location used by mechanisms dependent on the response to the challenge being sent in using 'POST'.
-
CONFIG_GSS_MANAGER
public static final String CONFIG_GSS_MANAGER
This allows aGSSManagerinstance to be passed into the authentication mechanisms.
-
CONFIG_CREATE_NAME_GSS_INIT
public static final String CONFIG_CREATE_NAME_GSS_INIT
This enables workaround for native GSS, where createName() needs to be called for correct GSSContext initialization. Set to "true" to call createName() as part of GSSContext initialization. This is workaround of JDK-8194073.
-
CONFIG_DISABLE_RESTORE_SECURITY_IDENTITY
public static final String CONFIG_DISABLE_RESTORE_SECURITY_IDENTITY
In clustered environment Security Identity is restored during failover, load balancer change node (not sticky behavior) and session passivation/activation. Set to "true" to disable this behavior.
-
CONFIG_STATE_SCOPES
public static final String CONFIG_STATE_SCOPES
A comma separated list of scopes in preferred order the mechanism should attempt to use to persist state including the caching of any previously authenticated identity. Accepted values are: -- CONNECTION
- SESSION
- SSL_SESSION
- NONE
-
DISABLE_SESSION_ID_CHANGE
public static final String DISABLE_SESSION_ID_CHANGE
If set totruethe SPNEGO and FORM authentication mechanisms will not change the session ID after a successful authentication. Where set the web application should be configured to use cookies exclusively for session management.
-
ALGORITHM
public static final String ALGORITHM
- See Also:
- Constant Field Values
-
AUTH
public static final String AUTH
- See Also:
- Constant Field Values
-
AUTH_PARAM
public static final String AUTH_PARAM
- See Also:
- Constant Field Values
-
CHARSET
public static final String CHARSET
- See Also:
- Constant Field Values
-
CNONCE
public static final String CNONCE
- See Also:
- Constant Field Values
-
DOMAIN
public static final String DOMAIN
- See Also:
- Constant Field Values
-
NC
public static final String NC
- See Also:
- Constant Field Values
-
NEGOTIATE
public static final String NEGOTIATE
- See Also:
- Constant Field Values
-
NEXT_NONCE
public static final String NEXT_NONCE
- See Also:
- Constant Field Values
-
NONCE
public static final String NONCE
- See Also:
- Constant Field Values
-
PARTIAL
public static final String PARTIAL
- See Also:
- Constant Field Values
-
OPAQUE
public static final String OPAQUE
- See Also:
- Constant Field Values
-
QOP
public static final String QOP
- See Also:
- Constant Field Values
-
REALM
public static final String REALM
- See Also:
- Constant Field Values
-
RSPAUTH
public static final String RSPAUTH
- See Also:
- Constant Field Values
-
RESPONSE
public static final String RESPONSE
- See Also:
- Constant Field Values
-
STALE
public static final String STALE
- See Also:
- Constant Field Values
-
URI
public static final String URI
- See Also:
- Constant Field Values
-
USERNAME
public static final String USERNAME
- See Also:
- Constant Field Values
-
USERNAME_STAR
public static final String USERNAME_STAR
- See Also:
- Constant Field Values
-
XML_HTTP_REQUEST
public static final String XML_HTTP_REQUEST
- See Also:
- Constant Field Values
-
ACCEPT
public static final String ACCEPT
- See Also:
- Constant Field Values
-
AUTHENTICATION_INFO
public static final String AUTHENTICATION_INFO
- See Also:
- Constant Field Values
-
AUTHORIZATION
public static final String AUTHORIZATION
- See Also:
- Constant Field Values
-
FACES_REQUEST
public static final String FACES_REQUEST
- See Also:
- Constant Field Values
-
HOST
public static final String HOST
- See Also:
- Constant Field Values
-
LOCATION
public static final String LOCATION
- See Also:
- Constant Field Values
-
SOAP_ACTION
public static final String SOAP_ACTION
- See Also:
- Constant Field Values
-
WWW_AUTHENTICATE
public static final String WWW_AUTHENTICATE
- See Also:
- Constant Field Values
-
X_REQUESTED_WITH
public static final String X_REQUESTED_WITH
- See Also:
- Constant Field Values
-
ERROR
public static final String ERROR
Errors- See Also:
- Constant Field Values
-
ERROR_DESCRIPTION
public static final String ERROR_DESCRIPTION
- See Also:
- Constant Field Values
-
INVALID_TOKEN
public static final String INVALID_TOKEN
- See Also:
- Constant Field Values
-
STALE_TOKEN
public static final String STALE_TOKEN
- See Also:
- Constant Field Values
-
NO_TOKEN
public static final String NO_TOKEN
- See Also:
- Constant Field Values
-
BASIC_NAME
public static final String BASIC_NAME
- See Also:
- Constant Field Values
-
CLIENT_CERT_NAME
public static final String CLIENT_CERT_NAME
- See Also:
- Constant Field Values
-
DIGEST_NAME
public static final String DIGEST_NAME
- See Also:
- Constant Field Values
-
DIGEST_SHA256_NAME
public static final String DIGEST_SHA256_NAME
- See Also:
- Constant Field Values
-
DIGEST_SHA512_256_NAME
public static final String DIGEST_SHA512_256_NAME
- See Also:
- Constant Field Values
-
EXTERNAL_NAME
public static final String EXTERNAL_NAME
- See Also:
- Constant Field Values
-
FORM_NAME
public static final String FORM_NAME
- See Also:
- Constant Field Values
-
SPNEGO_NAME
public static final String SPNEGO_NAME
- See Also:
- Constant Field Values
-
BEARER_TOKEN
public static final String BEARER_TOKEN
- See Also:
- Constant Field Values
-
OK
public static final int OK
- See Also:
- Constant Field Values
-
FOUND
public static final int FOUND
- See Also:
- Constant Field Values
-
SEE_OTHER
public static final int SEE_OTHER
- See Also:
- Constant Field Values
-
TEMPORARY_REDIRECT
public static final int TEMPORARY_REDIRECT
- See Also:
- Constant Field Values
-
BAD_REQUEST
public static final int BAD_REQUEST
- See Also:
- Constant Field Values
-
UNAUTHORIZED
public static final int UNAUTHORIZED
- See Also:
- Constant Field Values
-
FORBIDDEN
public static final int FORBIDDEN
- See Also:
- Constant Field Values
-
POST
public static final String POST
- See Also:
- Constant Field Values
-
OPTIONS
public static final String OPTIONS
- See Also:
- Constant Field Values
-
MD5
public static final String MD5
- See Also:
- Constant Field Values
-
SHA256
public static final String SHA256
- See Also:
- Constant Field Values
-
SHA512_256
public static final String SHA512_256
- See Also:
- Constant Field Values
-
HTTP
public static final String HTTP
- See Also:
- Constant Field Values
-
HTTPS
public static final String HTTPS
- See Also:
- Constant Field Values
-
BEARER_TOKEN_PATTERN
public static final Pattern BEARER_TOKEN_PATTERN
Bearer token pattern. The Bearer token authorization header is of the form "Bearer", followed by optional whitespace, followed by the token itself, followed by optional whitespace. The token itself must be one or more characters and must not contain any whitespace.
-
-