net.sourceforge.spnego

Class SpnegoHttpFilter.Constants

java.lang.Object

net.sourceforge.spnego.SpnegoHttpFilter.Constants

Enclosing class:

SpnegoHttpFilter

public static final class SpnegoHttpFilter.Constants
extends Object

Defines constants and parameter names that are used in the web.xml file, and HTTP request headers, etc.

This class is primarily used internally or by implementers of custom http clients and by SpnegoFilterConfig.

Field Summary

Fields

Modifier and Type	Field and Description
static String	ALLOW_BASIC Servlet init param name in web.xml spnego.allow.basic.
static String	ALLOW_DELEGATION Servlet init param name in web.xml spnego.allow.delegation.
static String	ALLOW_LOCALHOST Servlet init param name in web.xml spnego.allow.localhost.
static String	ALLOW_UNSEC_BASIC Servlet init param name in web.xml spnego.allow.unsecure.basic.
static String	AUTHN_HEADER HTTP Response Header WWW-Authenticate.
static String	AUTHZ_HEADER HTTP Request Header Authorization.
static String	BASIC_HEADER HTTP Response Header Basic.
static String	CLIENT_MODULE Servlet init param name in web.xml spnego.login.client.module.
static String	CONTENT_TYPE HTTP Request Header Content-Type.
static String	EXCLUDE_DIRS Servlet init param name in web.xml spnego.exclude.dirs.
static String	KRB5_CONF Servlet init param name in web.xml spnego.krb5.conf.
(package private) static String	LOGGER_LEVEL Specify logging level.
(package private) static String	LOGGER_NAME Name of Spnego Logger.
static String	LOGIN_CONF Servlet init param name in web.xml spnego.login.conf.
static String	NEGOTIATE_HEADER HTTP Response Header Negotiate.
(package private) static String	NTLM_PROLOG NTLM base64-encoded token start value.
static String	PREAUTH_PASSWORD Servlet init param name in web.xml spnego.preauth.password.
static String	PREAUTH_USERNAME Servlet init param name in web.xml spnego.preauth.username.
static String	PROMPT_NTLM If server receives an NTLM token, the filter will return with a 401 and with Basic as the only option (no Negotiate) spnego.prompt.ntlm.
static String	SERVER_MODULE Servlet init param name in web.xml spnego.login.server.module.
static String	SOAP_ACTION HTTP Request Header SOAPAction.

Constructor Summary

Constructors

Modifier	Constructor and Description
private	Constants()

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ALLOW_BASIC

public static final String ALLOW_BASIC

Servlet init param name in web.xml spnego.allow.basic.

Set this value to true in web.xml if the filter should allow Basic Authentication.

It is recommended that you only allow Basic Authentication if you have clients that cannot perform Kerberos authentication. Also, you should consider requiring SSL/TLS by setting spnego.allow.unsecure.basic to false.

See Also:

Constant Field Values

ALLOW_DELEGATION

public static final String ALLOW_DELEGATION

Servlet init param name in web.xml spnego.allow.delegation.

Set this value to true if server should support credential delegation requests.

Take a look at the DelegateServletRequest for more information about other pre-requisites.

See Also:

Constant Field Values

ALLOW_LOCALHOST

public static final String ALLOW_LOCALHOST

Servlet init param name in web.xml spnego.allow.localhost.

Flag to indicate if requests coming from http://localhost or http://127.0.0.1 should not be authenticated using Kerberos.

This feature helps to obviate the requirement of creating an SPN for developer machines.

See Also:

Constant Field Values

ALLOW_UNSEC_BASIC

public static final String ALLOW_UNSEC_BASIC

Servlet init param name in web.xml spnego.allow.unsecure.basic.

Set this value to false in web.xml if the filter should reject connections that do not use SSL/TLS.

See Also:

Constant Field Values

AUTHN_HEADER

public static final String AUTHN_HEADER

HTTP Response Header WWW-Authenticate.

The filter will respond with this header with a value of "Basic" and/or "Negotiate" (based on web.xml file).

See Also:

Constant Field Values

AUTHZ_HEADER

public static final String AUTHZ_HEADER

HTTP Request Header Authorization.

Clients should send this header where the value is the authentication token(s).

See Also:

Constant Field Values

BASIC_HEADER

public static final String BASIC_HEADER

HTTP Response Header Basic.

The filter will set this as the value for the "WWW-Authenticate" header if "Basic" auth is allowed (based on web.xml file).

See Also:

Constant Field Values

CLIENT_MODULE

public static final String CLIENT_MODULE

Servlet init param name in web.xml spnego.login.client.module.

The LoginModule name that exists in the login.conf file.

See Also:

Constant Field Values

CONTENT_TYPE

public static final String CONTENT_TYPE

HTTP Request Header Content-Type.

See Also:

Constant Field Values

EXCLUDE_DIRS

public static final String EXCLUDE_DIRS

Servlet init param name in web.xml spnego.exclude.dirs.

A List of URL paths, starting at the context root, that should NOT undergo authentication (authN).

See Also:

Constant Field Values

KRB5_CONF

public static final String KRB5_CONF

Servlet init param name in web.xml spnego.krb5.conf.

The location of the krb5.conf file. On Windows, this file will sometimes be named krb5.ini and reside %WINDOWS_ROOT%/krb5.ini here.

By default, Java looks for the file in these locations and order:

System Property (java.security.krb5.conf) %JAVA_HOME%/lib/security/krb5.conf %WINDOWS_ROOT%/krb5.ini

See Also:

Constant Field Values

LOGGER_LEVEL

static final String LOGGER_LEVEL

Specify logging level.

 1 = FINEST
 2 = FINER
 3 = FINE
 4 = CONFIG
 5 = INFO
 6 = WARNING
 7 = SEVERE
 

See Also:

Constant Field Values

LOGGER_NAME

static final String LOGGER_NAME

Name of Spnego Logger.

Example: Logger.getLogger(Constants.LOGGER_NAME)

See Also:

Constant Field Values

LOGIN_CONF

public static final String LOGIN_CONF

Servlet init param name in web.xml spnego.login.conf.

The location of the login.conf file.

See Also:

Constant Field Values

NEGOTIATE_HEADER

public static final String NEGOTIATE_HEADER

HTTP Response Header Negotiate.

The filter will set this as the value for the "WWW-Authenticate" header. Note that the filter may also add another header with a value of "Basic" (if allowed by the web.xml file).

See Also:

Constant Field Values

NTLM_PROLOG

static final String NTLM_PROLOG

NTLM base64-encoded token start value.

See Also:

Constant Field Values

PREAUTH_PASSWORD

public static final String PREAUTH_PASSWORD

Servlet init param name in web.xml spnego.preauth.password.

Network Domain password. For Windows, this is sometimes known as the Windows NT password.

See Also:

Constant Field Values

PREAUTH_USERNAME

public static final String PREAUTH_USERNAME

Servlet init param name in web.xml spnego.preauth.username.

Network Domain username. For Windows, this is sometimes known as the Windows NT username.

See Also:

Constant Field Values

PROMPT_NTLM

public static final String PROMPT_NTLM

If server receives an NTLM token, the filter will return with a 401 and with Basic as the only option (no Negotiate) spnego.prompt.ntlm.

See Also:

Constant Field Values

SERVER_MODULE

public static final String SERVER_MODULE

Servlet init param name in web.xml spnego.login.server.module.

The LoginModule name that exists in the login.conf file.

See Also:

Constant Field Values

SOAP_ACTION

public static final String SOAP_ACTION

HTTP Request Header SOAPAction.

See Also:

Constant Field Values

Constructor Detail

Constants

private Constants()