# HTTP Basic Auth

Para os casos mais simples, você pode utilizar o HTTP Basic Auth.

No HTTP Basic Auth, a aplicação espera um cabeçalho que contém um usuário e uma senha.

Caso ela não receba, ela retorna um erro HTTP 401 "Unauthorized" (*Não Autorizado*).

E retorna um cabeçalho `WWW-Authenticate` com o valor `Basic`, e um parâmetro opcional `realm`.

Isso sinaliza ao navegador para mostrar o prompt integrado para um usuário e senha.

# HTTP 基础授权

最简单的用例是使用 HTTP 基础授权（HTTP Basic Auth）。

在 HTTP 基础授权中，应用需要请求头包含用户名与密码。

如果没有接收到 HTTP 基础授权，就返回 HTTP 401 `"Unauthorized"` 错误。

并返回含 `Basic` 值的请求头 `WWW-Authenticate`以及可选的 `realm` 参数。

HTTP 基础授权让浏览器显示内置的用户名与密码提示。

输入用户名与密码后，浏览器会把它们自动发送至请求头。

## 简单的 HTTP 基础授权

* 导入 `HTTPBasic` 与 `HTTPBasicCredentials`
* 使用 `HTTPBasic` 创建**安全概图**
* 在*路径操作*的依赖项中使用 `security`
* 返回类型为 `HTTPBasicCredentials` 的对象：

# HTTP Basic Auth

For the simplest cases, you can use HTTP Basic Auth.

In HTTP Basic Auth, the application expects a header that contains a username and a password.

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

# HTTP Basic Auth

Für die einfachsten Fälle können Sie <abbr title="HTTP-Basisauthentifizierung">HTTP Basic Auth</abbr> verwenden.

Bei HTTP Basic Auth erwartet die Anwendung einen Header, der einen Benutzernamen und ein Passwort enthält.

Wenn sie diesen nicht empfängt, gibt sie den HTTP-Error 401 „Unauthorized“ zurück.

Und gibt einen Header `WWW-Authenticate` mit dem Wert `Basic` und einem optionalen `realm`-Parameter („Bereich“) zurück.

Sebastián Ramírez <******@****.***> 1728247014 +0200

        FtpAuthentication auth = new FtpAuthentication();
        auth.setServer("hostname");
        auth.setPort(21);
        auth.setUsername("testuser");
        auth.setPassword("testpass");

        assertTrue(auth.matches("ftp://hostname:21/test/aaa.html"));
        assertTrue(auth.matches("ftp://hostname/test/aaa.html"));
        assertTrue(auth.matches("ftp://hostname:21/test"));

public class NtlmContext {


    NtlmPasswordAuthentication auth;
    int ntlmsspFlags;
    String workstation;
    boolean isEstablished = false;
    byte[] serverChallenge = null;
    byte[] signingKey = null;
    String netbiosName = null;
    int state = 1;
    LogStream log;

    public NtlmContext(NtlmPasswordAuthentication auth, boolean doSigning) {
        this.auth = auth;
        this.ntlmsspFlags = ntlmsspFlags |

    private final String nameidSPNameQualifier;

    public SamlCredential(final Auth auth) {
        attributes = auth.getAttributes();
        nameId = auth.getNameId();
        nameIdFormat = auth.getNameIdFormat();
        sessionIndex = auth.getSessionIndex();
        nameidNameQualifier = auth.getNameIdNameQualifier();
        nameidSPNameQualifier = auth.getNameIdSPNameQualifier();
    }

    @Override
    public String toString() {

                } else if (session.transport.server.encryptedPasswords) {
                    lmHash = auth.getAnsiHash( session.transport.server.encryptionKey );
                    ntHash = auth.getUnicodeHash( session.transport.server.encryptionKey );
                    // prohibit HTTP auth attempts for the null session
                    if (lmHash.length == 0 && ntHash.length == 0) {
                        throw new RuntimeException("Null setup prohibited.");

    public static NtlmPasswordAuthentication
                requestNtlmPasswordAuthentication( String url, SmbAuthException sae ) {
        if( auth == null ) {
            return null;
        }
        synchronized( auth ) {
            auth.url = url;
            auth.sae = sae;
            return auth.getNtlmPasswordAuthentication();
        }
    }
/**