HttpBasicAuthFilter
Authenticate clients by providing the client credentials as a basic authorization header in the request. The credentials are base64-encoded.
This filter performs HTTP basic access authentication, described in RFC 2617.
Use this filter primarily for password replay scenarios, where the password is stored externally in clear text.
If challenged for authentication via a 401 Unauthorized
status code by the
server, this filter retries the request with credentials attached. After an HTTP
authentication challenge is issued from the remote server, all subsequent
requests to that remote server that pass through the filter include the user
credentials.
If authentication fails (including the case where no credentials are yielded from expressions), then processing is diverted to the specified authentication failure handler.
Usage
{
"name": string,
"type": "HttpBasicAuthFilter",
"config": {
"username": runtime expression<string>,
"password": runtime expression<string>,
"failureHandler": Handler reference,
"cacheHeader": configuration expression<boolean>
}
}
Properties
"username"
: runtime expression<string>, required-
The username to supply during authentication.
See also Expressions.
"password"
: runtime expression<string>, required-
The password to supply during authentication.
See also Expressions.
"failureHandler"
: Handler reference, required-
Dispatch to this Handler if authentication fails.
Provide either the name of a Handler object defined in the heap or an inline Handler configuration object.
See also Handlers.
"cacheHeader"
: configuration expression<boolean>,optional-
Whether or not to cache credentials in the session after the first successful authentication, and then replay those credentials for subsequent authentications in the same session.
With
"cacheHeader": false
, the filter generates the header for each request. This is useful, for example, when users change their passwords during a browser session.Default:
true
Example
{
"name": "MyAuthenticator",
"type": "HttpBasicAuthFilter",
"config": {
"username": "demo",
"password": "password",
"failureHandler": "AuthFailureHandler",
"cacheHeader": false
}
}