Package org.apache.shiro.authc

Class BearerToken

org.apache.shiro.authc.BearerToken

All Implemented Interfaces:

, AuthenticationToken, HostAuthenticationToken

public class BearerToken
extends 
implements HostAuthenticationToken

A AuthenticationToken that contains an a Bearer token or API key, typically received via an HTTP Authorization header. This class also implements the HostAuthenticationToken interface to retain the host name or IP address location from where the authentication attempt is occurring.

Since:

1.5

See Also:

, , Serialized Form

Constructor Summary

Constructors

Constructor	Description
token)
token, host)

Method Summary

Modifier and Type	Method	Description
	getCredentials()	Returns the credentials submitted by the user during the authentication process that verifies the submitted account identity.
	getHost()	Returns the host name of the client from where the authentication attempt originates or if the Shiro environment cannot or chooses not to resolve the hostname to improve performance, this method returns the String representation of the client's IP address.
	getPrincipal()	Returns the account identity submitted during the authentication process.
	getToken()

Methods inherited from class java.lang.

, , , , , , , , , ,

Constructor Detail

BearerToken

public BearerToken( token)

BearerToken

public BearerToken( token,
                    host)

Method Detail

getHost

public  getHost()

Description copied from interface: HostAuthenticationToken

Returns the host name of the client from where the authentication attempt originates or if the Shiro environment cannot or chooses not to resolve the hostname to improve performance, this method returns the String representation of the client's IP address.

When used in web environments, this value is usually the same as the ServletRequest.getRemoteHost() value.

Specified by:

getHost in interface HostAuthenticationToken

Returns:

the fully qualified name of the client from where the authentication attempt originates or the String representation of the client's IP address is hostname resolution is not available or disabled.

getPrincipal

public  getPrincipal()

Description copied from interface: AuthenticationToken

Returns the account identity submitted during the authentication process.

Most application authentications are username/password based and have this object represent a username. If this is the case for your application, take a look at the UsernamePasswordToken, as it is probably sufficient for your use.

Ultimately, the object returned is application specific and can represent any account identity (user id, X.509 certificate, etc).

Specified by:

getPrincipal in interface AuthenticationToken

Returns:

the account identity submitted during the authentication process.

See Also:

UsernamePasswordToken

getCredentials

public  getCredentials()

Description copied from interface: AuthenticationToken

Returns the credentials submitted by the user during the authentication process that verifies the submitted account identity.

Most application authentications are username/password based and have this object represent a submitted password. If this is the case for your application, take a look at the UsernamePasswordToken, as it is probably sufficient for your use.

Ultimately, the credentials Object returned is application specific and can represent any credential mechanism.

Specified by:

getCredentials in interface AuthenticationToken

Returns:

the credential submitted by the user during the authentication process.

getToken

public  getToken()