36 import sun.net.www.HeaderParser;
37
38
39 /**
40 * AuthenticationInfo: Encapsulate the information needed to
41 * authenticate a user to a server.
42 *
43 * @author Jon Payne
44 * @author Herb Jellinek
45 * @author Bill Foote
46 */
47 // REMIND: It would be nice if this class understood about partial matching.
48 // If you're authorized for foo.com, chances are high you're also
49 // authorized for baz.foo.com.
50 // NB: When this gets implemented, be careful about the uncaching
51 // policy in HttpURLConnection. A failure on baz.foo.com shouldn't
52 // uncache foo.com!
53
54 public abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
55
56 static final long serialVersionUID = -2588378268010453259L;
57
58 // Constants saying what kind of authroization this is. This determines
59 // the namespace in the hash table lookup.
60 public static final char SERVER_AUTHENTICATION = 's';
61 public static final char PROXY_AUTHENTICATION = 'p';
62
63 /**
64 * If true, then simultaneous authentication requests to the same realm/proxy
65 * are serialized, in order to avoid a user having to type the same username/passwords
66 * repeatedly, via the Authenticator. Default is false, which means that this
67 * behavior is switched off.
68 */
69 static final boolean serializeAuth;
70 static {
71 serializeAuth = java.security.AccessController.doPrivileged(
72 new sun.security.action.GetBooleanAction(
73 "http.auth.serializeRequests")).booleanValue();
74 }
75
481 * Give a key for hash table lookups.
482 * @param includeRealm if you want the realm considered. Preemptively
483 * setting an authorization is done before the realm is known.
484 */
485 String cacheKey(boolean includeRealm) {
486 // This must be kept in sync with the getXXXAuth() methods in this
487 // class.
488 String authenticatorKey = getAuthenticatorKey();
489 if (includeRealm) {
490 return type + ":" + authScheme + ":" + protocol + ":"
491 + host + ":" + port + ":" + realm
492 + ";auth=" + authenticatorKey;
493 } else {
494 return type + ":" + protocol + ":" + host + ":" + port
495 + ";auth=" + authenticatorKey;
496 }
497 }
498
499 String s1, s2; /* used for serialization of pw */
500
501 private synchronized void readObject(ObjectInputStream s)
502 throws IOException, ClassNotFoundException
503 {
504 s.defaultReadObject ();
505 pw = new PasswordAuthentication (s1, s2.toCharArray());
506 s1 = null; s2= null;
507 if (authenticatorKey == null) {
508 authenticatorKey = AuthenticatorKeys.DEFAULT;
509 }
510 }
511
512 private synchronized void writeObject(java.io.ObjectOutputStream s)
513 throws IOException
514 {
515 Objects.requireNonNull(authenticatorKey);
516 s1 = pw.getUserName();
517 s2 = new String (pw.getPassword());
518 s.defaultWriteObject ();
519 }
520 }
|
36 import sun.net.www.HeaderParser;
37
38
39 /**
40 * AuthenticationInfo: Encapsulate the information needed to
41 * authenticate a user to a server.
42 *
43 * @author Jon Payne
44 * @author Herb Jellinek
45 * @author Bill Foote
46 */
47 // REMIND: It would be nice if this class understood about partial matching.
48 // If you're authorized for foo.com, chances are high you're also
49 // authorized for baz.foo.com.
50 // NB: When this gets implemented, be careful about the uncaching
51 // policy in HttpURLConnection. A failure on baz.foo.com shouldn't
52 // uncache foo.com!
53
54 public abstract class AuthenticationInfo extends AuthCacheValue implements Cloneable {
55
56 @java.io.Serial
57 static final long serialVersionUID = -2588378268010453259L;
58
59 // Constants saying what kind of authroization this is. This determines
60 // the namespace in the hash table lookup.
61 public static final char SERVER_AUTHENTICATION = 's';
62 public static final char PROXY_AUTHENTICATION = 'p';
63
64 /**
65 * If true, then simultaneous authentication requests to the same realm/proxy
66 * are serialized, in order to avoid a user having to type the same username/passwords
67 * repeatedly, via the Authenticator. Default is false, which means that this
68 * behavior is switched off.
69 */
70 static final boolean serializeAuth;
71 static {
72 serializeAuth = java.security.AccessController.doPrivileged(
73 new sun.security.action.GetBooleanAction(
74 "http.auth.serializeRequests")).booleanValue();
75 }
76
482 * Give a key for hash table lookups.
483 * @param includeRealm if you want the realm considered. Preemptively
484 * setting an authorization is done before the realm is known.
485 */
486 String cacheKey(boolean includeRealm) {
487 // This must be kept in sync with the getXXXAuth() methods in this
488 // class.
489 String authenticatorKey = getAuthenticatorKey();
490 if (includeRealm) {
491 return type + ":" + authScheme + ":" + protocol + ":"
492 + host + ":" + port + ":" + realm
493 + ";auth=" + authenticatorKey;
494 } else {
495 return type + ":" + protocol + ":" + host + ":" + port
496 + ";auth=" + authenticatorKey;
497 }
498 }
499
500 String s1, s2; /* used for serialization of pw */
501
502 @java.io.Serial
503 private synchronized void readObject(ObjectInputStream s)
504 throws IOException, ClassNotFoundException
505 {
506 s.defaultReadObject ();
507 pw = new PasswordAuthentication (s1, s2.toCharArray());
508 s1 = null; s2= null;
509 if (authenticatorKey == null) {
510 authenticatorKey = AuthenticatorKeys.DEFAULT;
511 }
512 }
513
514 @java.io.Serial
515 private synchronized void writeObject(java.io.ObjectOutputStream s)
516 throws IOException
517 {
518 Objects.requireNonNull(authenticatorKey);
519 s1 = pw.getUserName();
520 s2 = new String (pw.getPassword());
521 s.defaultWriteObject ();
522 }
523 }
|