//
//  ========================================================================
//  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
//  ------------------------------------------------------------------------
//  All rights reserved. This program and the accompanying materials
//  are made available under the terms of the Eclipse Public License v1.0
//  and Apache License v2.0 which accompanies this distribution.
//
//      The Eclipse Public License is available at
//      http://www.eclipse.org/legal/epl-v10.html
//
//      The Apache License v2.0 is available at
//      http://www.opensource.org/licenses/apache2.0.php
//
//  You may elect to redistribute this code under either of these licenses.
//  ========================================================================
//

package org.eclipse.jetty.server;

import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/**
 * The authentication state of a request.
 * <p>
 * The state is expressed as one of several sub-types, reflecting where the
 * request currently is in one of the many possible authentication cycles:
 * not yet checked, checked and failed, checked and deferred, or succeeded.
 * <p>
 * Of the sub-types declared here, {@link User} is the one documented as a
 * successful authentication. {@link #NOT_CHECKED} and {@link #UNAUTHENTICATED}
 * are non-null {@code Authentication} instances, so code making an access
 * decision should test for the specific sub-type rather than treating any
 * non-null value as success.
 * <p>
 * Every member below is implicitly {@code public} (and {@code static} /
 * {@code final} where applicable) because it is declared inside an interface.
 */
public interface Authentication
{
    /**
     * Exception nested in {@code Authentication}; the constructor forwards
     * its message unchanged to {@code QuietServletException}.
     * NOTE(review): presumably raised when authentication fails - confirm
     * against the callers, which are not visible in this file.
     */
    class Failed extends QuietServletException
    {
        /**
         * @param message the detail message passed to the superclass
         */
        public Failed(String message)
        {
            super(message);
        }
    }

    /**
     * A successful Authentication with User information.
     */
    interface User extends Authentication
    {
        /** @return the authentication method associated with this state */
        String getAuthMethod();

        /** @return the identity of the authenticated user */
        UserIdentity getUserIdentity();

        /**
         * Role membership test for this user.
         *
         * @param scope the scope in which the role is evaluated
         * @param role the role name to test
         * @return whether the user is in {@code role}
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /** Logs this user out. */
        void logout();
    }

    /**
     * A wrapped authentication with methods that provide the wrapped
     * request/response for use by the application.
     */
    interface Wrapped extends Authentication
    {
        /** @return the wrapped request */
        HttpServletRequest getHttpServletRequest();

        /** @return the wrapped response */
        HttpServletResponse getHttpServletResponse();
    }

    /**
     * A deferred authentication with methods to progress the authentication
     * process.
     */
    interface Deferred extends Authentication
    {
        /**
         * Authenticate if possible without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         *
         * @param request the request to authenticate
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request);

        /**
         * Authenticate and possibly send a challenge.
         * This is used to initiate authentication for previously
         * non-mandatory authentication.
         *
         * @param request the request to authenticate
         * @param response the response on which a challenge may be sent
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /**
         * Login with the LOGIN authenticator.
         *
         * @param username the user name to log in with
         * @param password the credential; declared as {@code Object}, so its
         *                 concrete form is decided by the implementation.
         *                 Implementations should keep it out of log output
         *                 and exception messages.
         * @param request the request the login is performed for
         * @return The new Authentication state
         */
        Authentication login(String username, Object password, ServletRequest request);
    }

    /**
     * Authentication Response sent state.
     * Responses are sent by authenticators either to issue an
     * authentication challenge or on successful authentication in
     * order to redirect the user to the original URL.
     */
    interface ResponseSent extends Authentication
    {
    }

    /**
     * An Authentication Challenge has been sent.
     */
    interface Challenge extends ResponseSent
    {
    }

    /**
     * An Authentication Failure has been sent.
     */
    interface Failure extends ResponseSent
    {
    }

    /**
     * Marker sub-type of {@link ResponseSent} with no members of its own.
     * NOTE(review): presumably the state for the response sent on successful
     * authentication - the original file does not document it; confirm.
     */
    interface SendSuccess extends ResponseSent
    {
    }

    /**
     * Unauthenticated state.
     * <p>
     * This convenience instance is for non mandatory authentication where
     * credentials have been presented and checked, but failed authentication.
     */
    Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /**
     * Authentication not checked.
     * <p>
     * This convenience instance is for non mandatory authentication when no
     * credentials are present to be checked.
     */
    Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "NOT CHECKED";
        }
    };

    /**
     * Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge has
     * been sent. Its {@code toString()} yields {@code "CHALLENGE"}, not the
     * constant's name, which matters when matching on logged state strings.
     */
    Authentication SEND_CONTINUE = new Challenge()
    {
        @Override
        public String toString()
        {
            return "CHALLENGE";
        }
    };

    /**
     * Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent. Its {@code toString()} yields {@code "FAILURE"}.
     */
    Authentication SEND_FAILURE = new Failure()
    {
        @Override
        public String toString()
        {
            return "FAILURE";
        }
    };

    /**
     * Convenience instance of {@link SendSuccess}; its {@code toString()}
     * yields {@code "SEND_SUCCESS"}.
     */
    Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}