
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2015 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.security;
20  
21  import java.util.Set;
22  
23  import javax.servlet.ServletContext;
24  import javax.servlet.ServletRequest;
25  import javax.servlet.ServletResponse;
26  
27  import org.eclipse.jetty.server.Authentication;
28  import org.eclipse.jetty.server.Authentication.User;
29  import org.eclipse.jetty.server.Server;
30  
/**
 * Contract for a pluggable authentication mechanism.
 * <p>
 * An Authenticator inspects incoming requests and, where needed, sends
 * response challenges so that a request can be authenticated. The kind
 * of {@link Authentication} handed back tells the caller which step of
 * the authentication exchange comes next.
 *
 * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
 */
public interface Authenticator
{
    /**
     * Supplies the configuration this Authenticator is to use.
     *
     * @param configuration the authentication configuration to apply
     */
    void setConfiguration(AuthConfiguration configuration);

    /**
     * @return the name of the authentication method
     */
    String getAuthMethod();

    /**
     * Hook invoked before
     * {@link #validateRequest(ServletRequest, ServletResponse, boolean)}.
     * <p>
     * The authenticator may modify the request so that it carries
     * information which can be inspected before validateRequest runs.
     * Its main purpose is to satisfy Servlet Spec 3.1 section 13.6.3 on
     * Form authentication, for the case where the HTTP method of the
     * original request that triggered authentication differs from the
     * HTTP method produced by the redirect after authentication.
     *
     * @param request the request to prepare
     */
    void prepareRequest(ServletRequest request);

    /**
     * Validates a request.
     * <p>
     * Outcomes, as signalled by the returned type:
     * <ul>
     * <li>successful authentication yields a
     * {@link org.eclipse.jetty.server.Authentication.User};</li>
     * <li>if the Authenticator has sent a response, the result implements
     * {@link org.eclipse.jetty.server.Authentication.ResponseSent};</li>
     * <li>if authentication is not mandatory, a
     * {@link org.eclipse.jetty.server.Authentication.Deferred} may be
     * returned.</li>
     * </ul>
     * A response may be sent for successful as well as unsuccessful
     * authentications, so a ResponseSent result on its own does not show
     * that the request was authenticated; only a User result does.
     *
     * @param request the request
     * @param response the response
     * @param mandatory true if authentication is mandatory
     * @return an Authentication describing the outcome, as listed above
     * @throws ServerAuthException thrown by the implementation; the exact
     *         conditions are not documented on this interface
     */
    Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException;

    /**
     * Reports whether the response is secure.
     * <p>
     * NOTE(review): this interface does not say what "secure" means or at
     * which point of request handling the method is called - confirm
     * against the implementations and the calling SecurityHandler.
     *
     * @param request the request
     * @param response the response
     * @param mandatory presumably the same flag that was passed to
     *        validateRequest - TODO confirm
     * @param validatedUser presumably the user produced by validateRequest
     *        for this request - TODO confirm
     * @return true if response is secure
     * @throws ServerAuthException thrown by the implementation; the exact
     *         conditions are not documented on this interface
     */
    boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, User validatedUser) throws ServerAuthException;

    /**
     * Authenticator Configuration: the settings and services made
     * available to an {@link Authenticator}.
     */
    interface AuthConfiguration
    {
        /**
         * @return the configured authentication method name
         */
        String getAuthMethod();

        /**
         * @return the configured realm name
         */
        String getRealmName();

        /**
         * Looks up a SecurityHandler init parameter.
         *
         * @param param parameter name
         * @return parameter value or null
         * @see SecurityHandler#getInitParameter(String)
         */
        String getInitParameter(String param);

        /**
         * Lists the names of the SecurityHandler init parameters.
         *
         * @return set of parameter names
         * @see SecurityHandler#getInitParameterNames()
         */
        Set<String> getInitParameterNames();

        /**
         * @return the LoginService of this configuration
         */
        LoginService getLoginService();

        /**
         * @return the IdentityService of this configuration
         */
        IdentityService getIdentityService();

        /**
         * NOTE(review): judging by the name, this reports whether the
         * session is renewed when a user authenticates, which is the
         * usual defence against session fixation - confirm against
         * SecurityHandler before relying on it.
         *
         * @return the session-renewal-on-authentication setting
         */
        boolean isSessionRenewedOnAuthentication();
    }

    /**
     * Authenticator Factory: supplies an {@link Authenticator} for a
     * given server, context and configuration.
     */
    interface Factory
    {
        /**
         * Obtains an Authenticator.
         * <p>
         * NOTE(review): whether null may be returned when no authenticator
         * applies is not stated on this interface - confirm with the
         * implementations, and have callers handle that case explicitly.
         *
         * @param server the server
         * @param context the servlet context
         * @param configuration the authentication configuration
         * @param identityService the identity service
         * @param loginService the login service
         * @return the Authenticator to use
         */
        Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService);
    }
}