HttpBasicAuthFilter
Prev Filters Next

Name

HttpBasicAuthFilter — perform HTTP Basic authentication

Description

Performs authentication through the HTTP Basic authentication scheme. For more information, see RFC 2617.

If challenged for authentication via a 401 Unauthorized status code by the server, this filter retries the request with credentials attached. Once an HTTP authentication challenge is issued from the remote server, all subsequent requests to that remote server that pass through the filter includes the user credentials.

If authentication fails (including the case of no credentials yielded from expressions), then the exchange is diverted to the specified authentication failure handler.

Usage

{
     "name": string,
     "type": "HttpBasicAuthFilter",
     "config": {
         "username": expression,
         "password": expression,
         "failureHandler": string
     }
}

Properties

"username": expression, required

Expression that yields the username to supply during authentication.

"password": expression, required

Expression that yields the password to supply during authentication.

"failureHandler": string, required

The name of the handler heap object to dispatch to if authentication fails.

Example

{
     "name": "TomcatAuthenticator",
     "type": "HttpBasicAuthFilter",
     "config": {
         "username": "tomcat",
         "password": "tomcat",
         "failureHandler": "TomcatAuthFailureHandler" 
      }
}

Javadoc

org.forgerock.openig.filter.HttpBasicAuthFilter

Prev Up Next
CryptoHeaderFilter Home SqlAttributesFilter