HTTPAUTH
Jump to navigation
Jump to search
Support HTTP/HTTPS authentication challenges for current JVM
<FUNC> - Action to perform (ADD, REMove, CLEAR, ENABLE, DISABLE, STATUS) <URL> - URL prefix to match site URL that requires authentication <USERNAME> - Username credential for the specified URL prefix (ADD function) <PASSWORD> - Password credential for the specified URL prefix (ADD function) Support HTTP/HTTPS authentication challenges for current JVM instance using an in-memory database of URL prefix/username/password combination. There is also a /GUI switch to enable a login prompt for operator to enter username/password. The precedence of how login credentials are used when added entries with URL prefixes that can match the website URL requesting authentication are: 1. URL prefix is exact match to website URL 2. Longest matching URL prefix to website URL 3. If callback is enabled (normally the LoginPromptGUI via the /GUI switch) WARNING: The Oracle/Sun HotSpot JVM caches successful logins for specific URLs. This prevents one from using different username/password for a URL without restarting the JVM. See Java BUG 6626700 for request to provide API to clear that cache. Hence, updating, clearing or removing an entry with the functions in this command WILL NOT take in effect for URLs that have been successfully authenticated until user exits the JVM and re-enters. Functions: ADD <URL> <USERNAME> <PASSWORD> Add authentication entry for the specified URL prefix to the in-memory database. The URL can be a partial prefix of the actual website URL if the same login credentials should be used. If there is an existing entry, it will be replaced. CLEAR Remove all credential entries from the in-memory database. DISABLE Disables (unregisters) this Authenticator with the current JVM instance. ENABLE Enables (registers) this Authenticator with the current JVM instance. REMove <URL> Remove the specified URL prefix from the in-memory database. STATUS Display status of the Authenticator: 1. if it is enabled or not 2. the number of credentials in the in-memory database 3. if a callback (e.g. LoginPrompGUI or custom callback) is set or not Examples: 1. Enable the HTTP/HTTPS Authenticator for websites that requests them. nM> httpauth enable 2. Add a login credential entry for a url nM> httpauth add url username password 3. Add a login credential entry for a url and enable Authenticator on one line nM> httpauth add url username password /enable 4. Enable the GUI to prompt user for URL prefixes that have not been added and enable the authenticator on one line. nM> httpauth/gui 5. Disable Authenticator and remove all credentials from cache nM> httpauth/enable=false clear Switches: /DEFAULTUSER - Default username when /GUI is enabled, defaults to ENV.USER. /ENABLE - See ENABLE function (this will override all other switches). /GUI - Enable graphical prompt for user to interactively enter username and password. Login prompt GUI will display website realm/prompt and URL. The GUI prompt is only displayed when accessing the URL requires authentication and there is no prior successful attempt (from cache) and there is no entry that matches from the in-memory database. If set to TRUE, then this will also enable the Authenticator. Set to FALSE to remove GUI prompting user. [DEF to not set] /STATUS - See STATUS function (this will override default setting) /TITLE - Set title of login prompt when /GUI is enabled See Also: nxm.sys.net.HttpAuthenticator