Java的Authenticator类用于处理网络连接的认证信息,通常通过提示用户输入或非交互方式获取用户名和密码。应用程序可通过覆写getPasswordAuthentication方法来使用。系统在接收到验证请求时会调用注册的Authenticator实例。类包含多个访问器方法获取请求信息,并有reset方法重置为默认值。Authenticator需要与密码授权函数结合使用,抽象并封装了链接验证步骤。
该类无引入包和继承类
该类的类头注释如下:
/** * The class Authenticator represents an object that knows how to obtain * authentication for a network connection. Usually, it will do this * by prompting the user for information. * <p> * Applications use this class by overriding {@link * #getPasswordAuthentication()} in a sub-class. This method will * typically use the various getXXX() accessor methods to get information * about the entity requesting authentication. It must then acquire a * username and password either by interacting with the user or through * some other non-interactive means. The credentials are then returned * as a {@link PasswordAuthentication} return value. * <p> * An instance of this concrete sub-class is then registered * with the system by calling {@link #setDefault(Authenticator)}. * When authentication is required, the system will invoke one of the * requestPasswordAuthentication() methods which in turn will call the * getPasswordAuthentication() method of the registered object. * <p> * All methods that request authentication have a default implementation * that fails. * * @see java.net.Authenticator#setDefault(java.net.Authenticator) * @see java.net.Authenticator#getPasswordAuthentication() * * @author Bill Foote * @since 1.2 */
大意如下:
该类用来获得网络连接的认证信息,一般情况下该类通过提示用户输入信息来完成该操作
应用程序通过覆写getPasswordAuthentication方法来使用该类。
该方法经常使用多种getXXX()访问器获取请求验证实体的信息
然后其必须通过与用户交互方式或者一些不需要与用户交互的方式来获得用户名和密码
授权将以getPasswordAuthentication的返回值返回
接下来通过调用setDefault方法向系统注册该子类的实例
当系统接收到验证请求时,系统将会调用其中一个(已注册的)requestPasswordAuthentication方法,这些方法将依次调用注册对象的 getPasswordAuthentication() 方法。
所有验证请求都有默认的失败实现
该类含有如下的成员变量:
系统默认的链接验证口
private static Authenticator theAuthenticator;
请求主机名
private String requestingHost;
请求主机地址
private InetAddress requestingSite;
请求端口
private int requestingPort;
请求所使用的协议
private String requestingProtocol;
请求提示字符串
private String requestingPrompt;
请求认证方案
private String requestingScheme;
请求的资源
private URL requestingURL;
请求者类型
private RequestorType requestingAuthType;
该类含有如下的成员方法:
枚举请求类型
public enum RequestorType { /** * Entity requesting authentication is a HTTP proxy server. */ PROXY,//代理服务器 /** * Entity requesting authentication is a HTTP origin server. */ SERVER//源服务器 }
重置该对象信息(全部归为默认值
private void reset() { requestingHost = null; requestingSite = null; requestingPort = -1; requestingProtocol = null; requestingPrompt = null; requestingScheme = null; requestingURL = null; requestingAuthType = RequestorType.SERVER; }
向系统注册(实质是把传入的验证接口与系统默认接口绑定
public synchronized static void setDefault(Authenticator a) { SecurityManager sm = System.getSecurityManager();//创建安全性检查 if (sm != null) {//检查系统,判定请求合理性 NetPermission setDefaultPermission = new NetPermission("setDefaultAuthenticator"); sm.checkPermission(setDefaultPermission); } theAuthenticator = a; }
向系统已注册的检测者请求密码(参数蛮多的……)
public static PasswordAuthentication requestPasswordAuthentication( InetAddress addr, int port, String protocol, String prompt, String scheme) { SecurityManager sm = System.getSecurityManager(); if (sm != null) {//首先进行安全性检查 NetPermission requestPermission = new NetPermission("requestPasswordAuthentication"); sm.checkPermission(requestPermission); } Authenticator a = theAuthenticator;//获得系统默认检测者 if (a == null) {//系统当前没有已注册的检测者 return null; } else { synchronized(a) {//修改参数 a.reset(); a.requestingSite = addr; a.requestingPort = port; a.requestingProtocol = protocol; a.requestingPrompt = prompt; a.requestingScheme = scheme; return a.getPasswordAuthentication();//请求密码授权 } } }
向系统已注册的检测者请求密码(参数多了个主机名
public static PasswordAuthentication requestPasswordAuthentication( String host, InetAddress addr, int port, String protocol, String prompt, String scheme) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { NetPermission requestPermission = new NetPermission("requestPasswordAuthentication"); sm.checkPermission(requestPermission); } Authenticator a = theAuthenticator; if (a == null) { return null; } else { synchronized(a) { a.reset(); a.requestingHost = host; a.requestingSite = addr; a.requestingPort = port; a.requestingProtocol = protocol; a.requestingPrompt = prompt; a.requestingScheme = scheme; return a.getPasswordAuthentication(); } } }
向已注册的检测者请求密码信息(多了资源路径和请求者类型
public static PasswordAuthentication requestPasswordAuthentication( String host, InetAddress addr, int port, String protocol, String prompt, String scheme, URL url, RequestorType reqType) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { NetPermission requestPermission = new NetPermission("requestPasswordAuthentication"); sm.checkPermission(requestPermission); } Authenticator a = theAuthenticator; if (a == null) { return null; } else { synchronized(a) { a.reset(); a.requestingHost = host; a.requestingSite = addr; a.requestingPort = port; a.requestingProtocol = protocol; a.requestingPrompt = prompt; a.requestingScheme = scheme; a.requestingURL = url; a.requestingAuthType = reqType; return a.getPasswordAuthentication(); } } }
返回主机名
protected final String getRequestingHost() { return requestingHost; }
返回主机地址
protected final InetAddress getRequestingSite() { return requestingSite; }
获得检测者检测的连接端口名
protected final int getRequestingPort() { return requestingPort; }
获得检测的协议类型
protected final String getRequestingProtocol() { return requestingProtocol; }
获得提示字符串
protected final String getRequestingPrompt() { return requestingPrompt; }
获得请求方案(防火墙方案一类的
protected final String getRequestingScheme() { return requestingScheme; }
获得密码授权(覆写
protected PasswordAuthentication getPasswordAuthentication() { return null; }
获得请求的URL
protected URL getRequestingURL () { return requestingURL; }
获得请求者的类型
protected RequestorType getRequestorType () { return requestingAuthType; }
该类不允许直接使用,需要完成密码授权函数后使用(尽管是抽象类但不存在虚方法),该类是对请求链接中的验证步骤进行功能抽象并封装。用户名和密码实现封装在密码授权函数需要返回的对象中,通过大量的字段判定检测来确定需要返回的对象。
扫一扫
939
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
