org.restlet.security
Class SecretVerifier

java.lang.Object
  extended by org.restlet.security.SecretVerifier
All Implemented Interfaces:
Verifier
Direct Known Subclasses:
LocalVerifier

public abstract class SecretVerifier
extends Object
implements Verifier

Verifier of identifier/secret couples. By default, it extracts the identifier and the secret from the ChallengeResponse. If the verification is successful, it automatically adds a new User for the given identifier.

Author:
Jerome Louvel

Field Summary
 
Fields inherited from interface org.restlet.security.Verifier
RESULT_INVALID, RESULT_MISSING, RESULT_STALE, RESULT_UNKNOWN, RESULT_UNSUPPORTED, RESULT_VALID
 
Constructor Summary
SecretVerifier()
           
 
Method Summary
static boolean compare(char[] secret1, char[] secret2)
          Compares that two secrets are equal.
protected  String getIdentifier(Request request, Response response)
          Returns the user identifier.
protected  char[] getSecret(Request request, Response response)
          Returns the secret provided by the user.
 int verify(Request request, Response response)
          Verifies that the proposed secret is correct for the specified request.
abstract  boolean verify(String identifier, char[] secret)
          Verifies that the identifier/secret couple is valid.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecretVerifier

public SecretVerifier()
Method Detail

compare

public static boolean compare(char[] secret1,
                              char[] secret2)
Compares that two secrets are equal.

Parameters:
secret1 - The input secret.
secret2 - The output secret.
Returns:
True if both are equal.

getIdentifier

protected String getIdentifier(Request request,
                               Response response)
Returns the user identifier.

Parameters:
request - The request to inspect.
response - The response to inspect.
Returns:
The user identifier.

getSecret

protected char[] getSecret(Request request,
                           Response response)
Returns the secret provided by the user.

Parameters:
request - The request to inspect.
response - The response to inspect.
Returns:
The secret provided by the user.

verify

public int verify(Request request,
                  Response response)
Verifies that the proposed secret is correct for the specified request. By default, it compares the inputSecret of the request's authentication response with the one obtain by the ChallengeResponse.getSecret() method and sets the User instance of the request's ClientInfo if successful.

Specified by:
verify in interface Verifier
Parameters:
request - The request to inspect.
response - The response to inspect.
Returns:
True if the proposed secret was correct and the subject updated.

verify

public abstract boolean verify(String identifier,
                               char[] secret)
                        throws IllegalArgumentException
Verifies that the identifier/secret couple is valid. It throws an IllegalArgumentException in case the identifier is either null or does not identify a user.

Parameters:
identifier - The user identifier to match.
secret - The provided secret to verify.
Returns:
true if the identifier/secret couple is valid.
Throws:
IllegalArgumentException - In case the identifier is unknown.


Copyright © 2005-2011 Noelios Technologies.