
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server;
20  
21  import javax.servlet.ServletRequest;
22  import javax.servlet.ServletResponse;
23  import javax.servlet.http.HttpServletRequest;
24  import javax.servlet.http.HttpServletResponse;
25  
26  
/**
 * The authentication state of a request.
 * <p>
 * The state is one of several sub-types that reflect where the request is in
 * an authentication cycle: authentication might not yet be checked, or it
 * might be checked and failed, checked and deferred, or succeeded.
 * <p>
 * Of the types declared here, only {@link User} exposes a
 * {@link UserIdentity}. Code that makes an access decision should therefore
 * test for {@link User} explicitly and must not treat a non-null
 * {@code Authentication} as proof of an authenticated caller.
 */
public interface Authentication
{
    /**
     * Exception carrying an authentication failure message.
     * <p>
     * NOTE(review): how the message is logged or surfaced is decided by
     * {@link QuietServletException} and by callers, neither visible here;
     * keep credential material out of {@code message}.
     */
    class Failed extends QuietServletException
    {
        /**
         * @param message the failure description passed to the superclass
         */
        public Failed(String message)
        {
            super(message);
        }
    }

    /**
     * A successful Authentication with User information.
     */
    interface User extends Authentication
    {
        /**
         * @return the authentication method (presumably the name of the
         *         mechanism that established this identity; confirm against
         *         implementations)
         */
        String getAuthMethod();

        /**
         * @return the identity associated with this authentication
         */
        UserIdentity getUserIdentity();

        /**
         * Tests role membership for the authenticated user.
         *
         * @param scope the scope in which the role is evaluated
         * @param role the role name to test
         * @return true if the user is in the role
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /**
         * Logs the user out.
         * <p>
         * NOTE(review): what is invalidated (session, cached identity) is
         * implementation-defined and not visible from this interface.
         */
        void logout();
    }

    /**
     * A wrapped authentication with methods that provide the wrapped
     * request/response for use by the application.
     */
    interface Wrapped extends Authentication
    {
        /** @return the wrapped request */
        HttpServletRequest getHttpServletRequest();

        /** @return the wrapped response */
        HttpServletResponse getHttpServletResponse();
    }

    /**
     * A deferred authentication with methods to progress the authentication
     * process.
     * <p>
     * Every method returns a new {@link Authentication} state, which may be
     * any sub-type; callers need to inspect the returned state rather than
     * assume the attempt succeeded.
     */
    interface Deferred extends Authentication
    {
        /**
         * Authenticate if possible without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         *
         * @param request the request
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request);

        /**
         * Authenticate and possibly send a challenge.
         * This is used to initiate authentication for previously
         * non-mandatory authentication.
         *
         * @param request the request
         * @param response the response
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /**
         * Login with the LOGIN authenticator.
         *
         * @param username the username
         * @param password the password; typed {@code Object}, so the accepted
         *                 credential types are left to the implementation
         * @param request the request
         * @return The new Authentication state
         */
        Authentication login(String username, Object password, ServletRequest request);
    }

    /**
     * Authentication Response sent state.
     * Responses are sent by authenticators either to issue an
     * authentication challenge or on successful authentication in
     * order to redirect the user to the original URL.
     */
    interface ResponseSent extends Authentication
    {
    }

    /**
     * An Authentication Challenge has been sent.
     */
    interface Challenge extends ResponseSent
    {
    }

    /**
     * An Authentication Failure has been sent.
     */
    interface Failure extends ResponseSent
    {
    }

    /**
     * Marker sub-type of {@link ResponseSent}.
     * NOTE(review): presumably the state after a response has been sent on
     * successful authentication; confirm against the authenticators.
     */
    interface SendSuccess extends ResponseSent
    {
    }

    /**
     * Unauthenticated state.
     * <p>
     * This convenience instance is for non-mandatory authentication where
     * credentials have been presented and checked, but failed authentication.
     */
    Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /**
     * Authentication not checked.
     * <p>
     * This convenience instance is for non-mandatory authentication when no
     * credentials are present to be checked.
     */
    Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            // The label contains a space, unlike the constant name.
            return "NOT CHECKED";
        }
    };

    /**
     * Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge has
     * been sent.
     */
    Authentication SEND_CONTINUE = new Challenge()
    {
        @Override
        public String toString()
        {
            // The label is "CHALLENGE", not the constant name.
            return "CHALLENGE";
        }
    };

    /**
     * Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent.
     */
    Authentication SEND_FAILURE = new Failure()
    {
        @Override
        public String toString()
        {
            // The label is "FAILURE", not the constant name.
            return "FAILURE";
        }
    };

    /**
     * Convenience instance of {@link SendSuccess}.
     */
    Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}