
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server;
20  
21  import javax.servlet.ServletException;
22  import javax.servlet.ServletRequest;
23  import javax.servlet.ServletResponse;
24  import javax.servlet.http.HttpServletRequest;
25  import javax.servlet.http.HttpServletResponse;
26  
27  
/**
 * The authentication state of a request.
 * <p>
 * The state is expressed by which sub-type (or shared constant) of this
 * interface an instance is. A request may not have been checked yet, may have
 * been checked and failed, may have had its check deferred, or may have
 * succeeded.
 * <p>
 * Of the types declared here, only {@link User} exposes a
 * {@link UserIdentity}; none of the other sub-types or constants carries one.
 * Code that makes an access decision should therefore test for {@code User}
 * explicitly rather than for the absence of a single non-authenticated state
 * such as {@link #UNAUTHENTICATED}.
 */
public interface Authentication
{
    /**
     * Exception signalling a failed authentication.
     * <p>
     * The message is handed unchanged to {@link QuietServletException}.
     * NOTE(review): where that message ends up (logs, error pages) depends on
     * the superclass and its handlers, which are not visible here; keep
     * credentials out of it.
     */
    public static class Failed extends QuietServletException
    {
        /**
         * @param message description of the failure, passed to the superclass
         */
        public Failed(String message)
        {
            super(message);
        }
    }

    /**
     * A successful authentication, carrying the user information.
     */
    public interface User extends Authentication
    {
        /** @return the authentication method associated with this state */
        String getAuthMethod();

        /** @return the identity of the authenticated user */
        UserIdentity getUserIdentity();

        /**
         * Role check for the authenticated user.
         *
         * @param scope the scope in which the role is evaluated
         * @param role the role name to test
         * @return the result of the role check for the given scope and role
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /** Logs the user out. */
        void logout();
    }

    /**
     * A wrapped authentication that provides the wrapped request and response
     * for use by the application.
     */
    public interface Wrapped extends Authentication
    {
        /** @return the wrapped request */
        HttpServletRequest getHttpServletRequest();

        /** @return the wrapped response */
        HttpServletResponse getHttpServletResponse();
    }

    /**
     * A deferred authentication, with methods to progress the authentication
     * process.
     * <p>
     * A {@code Deferred} state exposes no {@link UserIdentity}; only the
     * state returned by one of the methods below can do so, when it is a
     * {@link User}.
     */
    public interface Deferred extends Authentication
    {
        /**
         * Authenticate if possible without sending a challenge.
         * <p>
         * Used to check credentials that have been sent for non-mandatory
         * authentication.
         *
         * @param request the request to authenticate
         * @return the new authentication state
         */
        Authentication authenticate(ServletRequest request);

        /**
         * Authenticate and possibly send a challenge.
         * <p>
         * Used to initiate authentication for previously non-mandatory
         * authentication.
         *
         * @param request the request to authenticate
         * @param response the response on which a challenge may be sent
         * @return the new authentication state
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /**
         * Login with the LOGIN authenticator.
         *
         * @param username the user name to log in with
         * @param password the credential presented; it is typed as
         *        {@code Object}, so this interface does not fix its concrete
         *        form. Implementations should avoid logging it or embedding
         *        it in exception messages.
         * @param request the request the login is performed for
         * @return the new authentication state
         */
        Authentication login(String username, Object password, ServletRequest request);
    }

    /**
     * State recording that an authentication response has been sent.
     * <p>
     * Authenticators send a response either to issue an authentication
     * challenge or, on successful authentication, to redirect the user to the
     * original URL.
     */
    public interface ResponseSent extends Authentication
    {
    }

    /**
     * An authentication challenge has been sent.
     */
    public interface Challenge extends ResponseSent
    {
    }

    /**
     * An authentication failure has been sent.
     */
    public interface Failure extends ResponseSent
    {
    }

    /**
     * Marker for the state held by {@link #SEND_SUCCESS}.
     * <p>
     * NOTE(review): the original carries no documentation for this type; it
     * presumably covers the redirect-after-success response described on
     * {@link ResponseSent} - confirm against the authenticators that use it.
     * It extends {@code ResponseSent}, not {@link User}, so it exposes no
     * identity.
     */
    public interface SendSuccess extends ResponseSent
    {
    }

    /**
     * Unauthenticated state.
     * <p>
     * Convenience instance for non-mandatory authentication where credentials
     * have been presented and checked, but failed authentication. Its string
     * form is {@code "UNAUTHENTICATED"}.
     */
    public static final Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /**
     * Authentication not checked.
     * <p>
     * Convenience instance for non-mandatory authentication when no
     * credentials are present to be checked. It is a distinct instance from
     * {@link #UNAUTHENTICATED}, so a comparison against only one of the two
     * does not cover the other. Its string form is {@code "NOT CHECKED"}.
     */
    public static final Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "NOT CHECKED";
        }
    };

    /**
     * Authentication challenge sent.
     * <p>
     * Convenience instance for when an authentication challenge has been
     * sent. Its string form is {@code "CHALLENGE"}, not the constant's name,
     * which matters when matching on logged state.
     */
    public static final Authentication SEND_CONTINUE = new Authentication.Challenge()
    {
        @Override
        public String toString()
        {
            return "CHALLENGE";
        }
    };

    /**
     * Authentication failure sent.
     * <p>
     * Convenience instance for when an authentication failure has been sent.
     * Its string form is {@code "FAILURE"}, not the constant's name.
     */
    public static final Authentication SEND_FAILURE = new Authentication.Failure()
    {
        @Override
        public String toString()
        {
            return "FAILURE";
        }
    };

    /**
     * Shared {@link SendSuccess} instance; its string form is
     * {@code "SEND_SUCCESS"}.
     * <p>
     * NOTE(review): undocumented in the original; see {@link SendSuccess} for
     * the presumed meaning.
     */
    public static final Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}