eXept Software AG Logo

Smalltalk/X Webserver

Documentation of class 'Authentication::Authenticator':

Home

Documentation
www.exept.de
Everywhere
for:
[back]

Class: Authenticator (in Authentication)


Inheritance:

   Object
   |
   +--Authentication::Authenticator
      |
      +--Authentication::BasicAuthenticator
      |
      +--Authentication::DigestAuthenticator

Package:
stx:goodies/authentication
Category:
Net-Authentication
Version:
rev: 1.7 date: 2017/05/30 17:25:57
user: mawalch
file: Authentication__Authenticator.st directory: goodies/authentication
module: stx stc-classLibrary: authentication
Author:
Stefan Vogel (stefan@zwerg)

Description:


This is an abstract superclass.
Authenticators implement the protocol to authenticate a user.
They generate challenges and check the returned credentials.


[instance variables:]

[class variables:]


Related information:

    Authentication::AuthenticationData

Class protocol:

instance creation
o  authenticatorNamed: authenticatorName
get the authenticator name for 'Basic', 'Digest', ...
- if the authenticatorName is unknown, raise an error.

usage example(s):

      self authenticatorNamed:#Basic
      self authenticatorNamed:#Digest
      self authenticatorNamed:#blaFasel

protocol
o  authenticateForResponse: aResponseString resolveUserVia: aOneArgBlock
authenticate using aResponseString.
Resolve users via aOneArgBlock that gets the username as argument.
Raise an exception, it authentication fails.
Answer the authenticator containing the authentication parameters

usage example(s):

      self authenticateForResponse:'Basic abcdefgh==' resolveUserVia:[:userName ]

o  generateChallengeForRealm: aRealmString
generate a challenge for a client

** This method raises an error - it must be redefined in concrete classes **

o  initializeFromResponse: aResponseString
create and initialize an authenticator using aResponseString.
Answer the authenticator containing the authentication parameters

usage example(s):

      self initializeFromResponse:'Basic abcdefgh=='

o  newAuthenticationDataFor: user secret: aSecretString
answer the authentication data used by this authenticator

queries
o  authenticatorClassNamed: authenticatorName
get the authenticator class for a
mechanism name name like 'Basic', 'Digest', ...
or raise an error

usage example(s):

      self authenticatorClassNamed:#Basic
      self authenticatorClassNamed:#Digest
      self authenticatorClassNamed:#blaFasel

o  isAbstract
Return if this class is an abstract class.
True is returned here for myself only; false for subclasses.
Abstract subclasses must redefine this again.

o  knownAuthenticators
answer the authenticator classes, we know

o  mechanismName
answer the name of the mechanism as known in the protocols

** This method raises an error - it must be redefined in concrete classes **


Instance protocol:

protocol
o  authenticateWithUserResolver: aOneArgBlock
authenticate - resolve the username via aOneArgBlock

** This method raises an error - it must be redefined in concrete classes **

o  bodyData: aStringOrByteArary
pass the body data.
some authenticators need this (Digest with qop=auth-int)

o  generateStaleChallenge
generate a challenge for a client.
This is sent when the credentials are stale, i.e. the user has already
supplied valid username/password and will not be asked again.

Not all Authenticators support stale challenges

** This method raises an error - it must be redefined in concrete classes **

o  initializeWith: aString
inititialize the authentiaction parameters from aString

** This method raises an error - it must be redefined in concrete classes **

o  requestMethod: methodString
pass the request method (like 'GET', 'POST', ...).
some authenticators need this

queries
o  isValidUri: uriString
answer true if the authenticator is valid for the URI in uriString

o  mechanismName

testing
o  isBasic

o  isDigest


Examples:


    |authenticationData|

    authenticationData := Authentication::BasicAuthenticator 
                                newAuthenticationDataFor:nil secret:'passwort'.

    authenticationData storeOn:Transcript. Transcript cr.

    'exception is raised if wrong passwort'.    
    Authentication::BasicAuthenticator new
                        secret:'passwort';
                        authenticateWith:authenticationData
    |authenticationData|

    authenticationData := Authentication::DigestAuthenticator 
                                newAuthenticationDataFor:'testUser:testRealm' secret:'passwort'.
    authenticationData storeOn:Transcript. Transcript cr.

    authenticationData inspect.


ST/X 7.2.0.0; WebServer 1.670 at bd0aa1f87cdd.unknown:8081; Sat, 26 Nov 2022 09:00:51 GMT