1 // 2 // ======================================================================== 3 // Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd. 4 // ------------------------------------------------------------------------ 5 // All rights reserved. This program and the accompanying materials 6 // are made available under the terms of the Eclipse Public License v1.0 7 // and Apache License v2.0 which accompanies this distribution. 8 // 9 // The Eclipse Public License is available at 10 // http://www.eclipse.org/legal/epl-v10.html 11 // 12 // The Apache License v2.0 is available at 13 // http://www.opensource.org/licenses/apache2.0.php 14 // 15 // You may elect to redistribute this code under either of these licenses. 16 // ======================================================================== 17 // 18 19 package org.eclipse.jetty.server; 20 21 import javax.servlet.ServletRequest; 22 import javax.servlet.ServletResponse; 23 import javax.servlet.http.HttpServletRequest; 24 import javax.servlet.http.HttpServletResponse; 25 26 27 /** The Authentication state of a request. 28 * <p> 29 * The Authentication state can be one of several sub-types that 30 * reflects where the request is in the many different authentication 31 * cycles. Authentication might not yet be checked or it might be checked 32 * and failed, checked and deferred or succeeded. 33 */ 34 public interface Authentication 35 { 36 /* ------------------------------------------------------------ */ 37 public static class Failed extends QuietServletException 38 { 39 public Failed(String message) 40 { 41 super(message); 42 } 43 } 44 45 /* ------------------------------------------------------------ */ 46 /** A successful Authentication with User information. 47 */ 48 public interface User extends Authentication 49 { 50 String getAuthMethod(); 51 UserIdentity getUserIdentity(); 52 boolean isUserInRole(UserIdentity.Scope scope,String role); 53 void logout(); 54 } 55 56 /* ------------------------------------------------------------ */ 57 /** A wrapped authentication with methods provide the 58 * wrapped request/response for use by the application 59 */ 60 public interface Wrapped extends Authentication 61 { 62 HttpServletRequest getHttpServletRequest(); 63 HttpServletResponse getHttpServletResponse(); 64 } 65 66 /* ------------------------------------------------------------ */ 67 /** A deferred authentication with methods to progress 68 * the authentication process. 69 */ 70 public interface Deferred extends Authentication 71 { 72 /* ------------------------------------------------------------ */ 73 /** Authenticate if possible without sending a challenge. 74 * This is used to check credentials that have been sent for 75 * non-manditory authentication. 76 * @param request the request 77 * @return The new Authentication state. 78 */ 79 Authentication authenticate(ServletRequest request); 80 81 /* ------------------------------------------------------------ */ 82 /** Authenticate and possibly send a challenge. 83 * This is used to initiate authentication for previously 84 * non-manditory authentication. 85 * @param request the request 86 * @param response the response 87 * @return The new Authentication state. 88 */ 89 Authentication authenticate(ServletRequest request,ServletResponse response); 90 91 92 /* ------------------------------------------------------------ */ 93 /** Login with the LOGIN authenticator 94 * @param username the username 95 * @param password the password 96 * @param request the request 97 * @return The new Authentication state 98 */ 99 Authentication login(String username,Object password,ServletRequest request); 100 } 101 102 103 /* ------------------------------------------------------------ */ 104 /** Authentication Response sent state. 105 * Responses are sent by authenticators either to issue an 106 * authentication challenge or on successful authentication in 107 * order to redirect the user to the original URL. 108 */ 109 public interface ResponseSent extends Authentication 110 { 111 } 112 113 /* ------------------------------------------------------------ */ 114 /** An Authentication Challenge has been sent. 115 */ 116 public interface Challenge extends ResponseSent 117 { 118 } 119 120 /* ------------------------------------------------------------ */ 121 /** An Authentication Failure has been sent. 122 */ 123 public interface Failure extends ResponseSent 124 { 125 } 126 127 public interface SendSuccess extends ResponseSent 128 { 129 } 130 131 /* ------------------------------------------------------------ */ 132 /** Unauthenticated state. 133 * <p> 134 * This convenience instance is for non mandatory authentication where credentials 135 * have been presented and checked, but failed authentication. 136 */ 137 public final static Authentication UNAUTHENTICATED = new Authentication(){@Override 138 public String toString(){return "UNAUTHENTICATED";}}; 139 140 /* ------------------------------------------------------------ */ 141 /** Authentication not checked 142 * <p> 143 * This convenience instance us for non mandatory authentication when no 144 * credentials are present to be checked. 145 */ 146 public final static Authentication NOT_CHECKED = new Authentication(){@Override 147 public String toString(){return "NOT CHECKED";}}; 148 149 /* ------------------------------------------------------------ */ 150 /** Authentication challenge sent. 151 * <p> 152 * This convenience instance is for when an authentication challenge has been sent. 153 */ 154 public final static Authentication SEND_CONTINUE = new Authentication.Challenge(){@Override 155 public String toString(){return "CHALLENGE";}}; 156 157 /* ------------------------------------------------------------ */ 158 /** Authentication failure sent. 159 * <p> 160 * This convenience instance is for when an authentication failure has been sent. 161 */ 162 public final static Authentication SEND_FAILURE = new Authentication.Failure(){@Override 163 public String toString(){return "FAILURE";}}; 164 public final static Authentication SEND_SUCCESS = new SendSuccess(){@Override 165 public String toString(){return "SEND_SUCCESS";}}; 166 }